last executing test programs: 50.041289728s ago: executing program 1: r0 = syz_open_dev$ttys(0xc, 0x2, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x11) syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000340)='./file0\x00', 0x0, &(0x7f0000000180)={[{@enospc_debug}, {@clear_cache}, {@thread_pool={'thread_pool', 0x3d, 0x1}}, {@space_cache}, {@datasum}]}, 0x3, 0x50d4, &(0x7f00000051c0)="$eJzs3U+IVWUfB/Dnzjg6KDjXnbp48QW3wiQKRURDaFaYc82CosVMLYIQYVAwFy3EgpIWDgha4cJgWmR/nFVFC3GVBEEQBcEgzEKQdkIxGC6Ke8957pz7HO+5dyZ1TD+fmDnnOb/zPOeZy1nc783n3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhhJNz585V1bdemTm7Y2DP1Us3T+w8NTE6H0KtdbyW1yeeeuaFNw5MPD8cO0zuz7b1erchs67zWWN1x8Fmv86f10IIQ8kAg/l292Bp1OLu4fKAlfZfXNh25NbeXTPHxg9dOLp5qvyn0zS80hNYKfl9dW3xXhpr/R5Izmi3C7dereMWzfqnN9w9+SMAgCUZbbQ27bej+Vvcdvt4Wk/aY0l7OmnHdwjTxcZyZOOu7jbPLWl9heY5lkWFNd3mWU/q+evfbjeSekjbnVFjCfPsPDWPNMPd5jmV1FdqngAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3k6c/+eJ6VX3rlZmzOwb2XL1088TOUxOj8yHUW8drWbn2xMLcwqa3dj/63e4vP/6zPn5yMO8Xt6sKJ4ff4s5jIyG8Xqhci8P+vj6ERmeh1QwflQtvtnaejQUAAAAeJJtavwfa7SwODnW0a600WWv9F2Vhcf/FhW1Hbu3dNXNs/NCFo5unlj9eo8t4Y7cdr92uL/7UCsE4xt90vMV6PPVwaZxq6Yhpnn959MPtVf1L+b9enf/jKyf/AwAA8G/I/+k41Xrl//nPX91X1b+U/7d0XLKU/+OMY/4fCMvL/wAAAHA/u9v5f6w0TrVe+f/r9/edrupfyv+j/eX/VcVpx4M/xgkfHAlhtNfUAQAAgC7i/3df/Ggh5vXsk4M0r7+49fpQ1Xil/D/WX/6vHBQAAAC4p34488jfVfVS/m/0l//X3NVZAwAAAEvxv/cmD1TVS/l/sr/8vzbf5isfsk7fx3+FcHokhOHmzlRWuBKmn2wXAAAAgDsk5vSXvt18tOq8Uv6fqn7+f3zSQVz/3/H8v9L6/0Ihe+rf4x4MAAAAwMOovJ4/Ph4/++aCbt+/3+/6/09//nVD1fVL+f94f/l/sLi9k9//BwAAAMvwX/v+v1dK41Tr9fz/t9/dsLT8P91f/o/bdcU/73J8fd4ZCWFjcyd/muBn8XIHk8LsUKHQ0kh6HIg98sLsmkKhZSrpsX0khP83d44nhQ2xMJ0UbqzPC+eTwk+xkN8P7cJXSeFyvNPOrM+nmxa+iYV8gcVsXEGxrr0kIunxR7cezcJte8y1Lw4AAPBQieE5z7JDnc2QRtnZWq8T1vY6YaDXCYO9TliVnJCe2O14mOwsxON//TL+XKhQyv/n+8v/8aVYnW26rf8Pcf1//r2G7fX/k7FQTwqzsdBInxjQiNfIwu4H8Rr1Rt7jxsZ2AQAAAB5o8XOBwRWeBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAPe/ceY8dVHw787PN61+vdDUHKQxYxL0N+ktdrOw7WLyCcVBEIpGQtov6DQtbYm9TxBhs/Co4s1RhUlCKEC66IQh+2RFSnEsgqbXmEEosqQVUtGoU2fziPpgWEKkGjFNclSiRX986c2bln9j78WNsbPh/Je8+933POzDn33vGcmblnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgt8PV373hy+3i7/jR1796U+8HXvjBbw6u/9I9ky+FMNV4vScL97zvzHNnrvvU7Ru+d/s3Hjk9fudDg3m5PB6W1v/05k8+F2v92bIQvt0TQn8aWDWSBQby5yOxvuUjIVwV5gJFiZnhrES64PDkUAhHwlygqOq7QyGMlAJ3PfPDJ75YTxweCuGdIYRauowXatkyhtLAysEsMJwGdvRngf89mykC3+nNAnDB4peh+NAfn2rOMD5/uRafv4GLtmKXV9q8vpgYb53vV7cu8EqVDKYvTF3Q21apjgVR+Xqc8G1bBN+2Sj8f8raVd6TyPZSzc6Fa6N06c+/mvbN74iu9YWKir1VNC/Q+n3pl/5ZzSS+az2FcgfGL8jm8//DNzw5+7I4XH3n98f2na19bfqGr2ap7F1ot5J+5RfM+RhttTxbB16+yl7TCTlcI4fSJk/vbxSvj//H24//4cY6PvU25Y62vjWZj8/jKSEy8PJqNzQEAAGDRWAxHTQdX/OtP29VXGf+v6O78fzzlnw/ms9aeCGFjI/HZsRCubbyeBR6Li/v4WAhvbaSmmgO3JoETIVzXSNxYVJWUWBJLrEgCvxjNAxuTwFMxMJUEHo2BQ0ngczFwPAlsiYETSeC2GAjbmtvx/0bzdnQdGIqB6awTj8erEH49GpeW9NVzRVUAAAAXST46HGh+WrrW4UIzxOHl8aFOGeIV2C0z1JIa0hFsMaxqWUN/pxp6O9VQtPtA++ZXau7pVHPlMoye5gz/c+qaHaGNyvh/sv34vzbPivRUzv+HyU2Nh5i7N4/MFhmmp5oyAAAAABfg9948vbldvDL+39jd9f/xmEhfKXM4GQ9DbB8LYbI5kFV7SzWQnfVemgcAAABgMSjOxxfnwrflj9kl2ul4upp/6hzzxxP/G+fNv+PH//J4u/WtjP+nurv+f7j5MVuJp+JafGUshCWlwI/iWtYDDSti4KX3Nwfy9j8VO+ALsar8woSiqi/EEtMxMJkEjrQq8XRR4trmQP5mFQv/bNGObXmJUgAAAAAuuXg4IJ6Xj9f/r/nbP3yyXbnK+H/63K7/b4yDK5f3zy4NYXV/CH3pDwNODmcTA8bASE+e+PvhrK6+tKqDwyHcUm9YWtV/5PP/96dzDP5kKKsqBq5927FXVtYTXx8KYXU58OxHj66vJ/YmgWLhvzsUwg311qYL/7sl2cIH0oU/vCSEt5QCRVVbloRQX9hgWtU/1PL7GKRVHa+FcHUpUFT1nloI+wIAi1X8v3Rr+cXd+x7cvnl2dmbXAibiQfyhcO+22ZmJLTtmt9ZarNPWZJ2b5jH6TLVN3d765vk4R9Hdx8a6SRc/FJwsLys/kF+5cjB/HneGBhrtXDvQ9HRd2uR3v726iFDalWrV5N4FbvJwuZK5N7FSf8w/GJaGJXt3z+ya+PTmPXt2rcn+dpt9bfY3nmfK+mpN2lfD861bFx+PltNlJc63r1aWK1m954Gdq3fve3DVtgc23zdz38wnNkyuW7vh5sn171ldb9Rk9rdDS1fOV3PS0rNHu2zWRWzp9f2lSi7FRkNCQmKxJQYH7jzVbvNTGf/vbD/+j1uduOHP52dodf5/PJ7mz16fO80/HQNHuj3/P97qbH5xYcCKJHAgBg44zQ8AAMAbQzwcGY9mxoPSB971wvvalauM/w909/v/izT/fzF1/YdaTfN/Yywx2Wr+/3Sa/2L+/wOt5v9Pp/kv5v8/chnm/99bBJIu+bX5/wEAgDeCSzf/f8fp/dMbBFQydJzeP71BQCVDx2n8u71BwDnP//83v1yzPrRRGf8f6m78b+J+AAAAuHJcc9sNP24Xr4z/j3Q3/r/08/+FVtf/r2gVmGo1MaD5/wAAAFikWs3/98xHdr6/XbnK+P94d+P/eNlFb1PuWOtro9mcdiGd0+7l0eInAwAAALA49IaJiYEu8zZNjHrr+S/zVJwKtE267NDnj53b7/9PdDf+b/pdxv2Hb3528GN3vPjaI68/vv907WvL587/AwAAAAun2+MSAAAAAAAAAAAAAADA5ffo1d+ad16AqPL7/7Cp8Xqr3//H+/413TTxTD4Z4IE4s/6XxkzzBwAAAAvroVtffTj+u+/Lf/Rf7fJWxv/j3Y3/4/0F8vvgZbfeOxHv//fZsRAat9YbzwKPxcV9fCyEtzZSU7FEdkO9D8USk1ngsThh4o2xxPRUc1VLYuB4EvjFaB44kQSeioH8KMWxeGPAPx4NYX0jtam5xM5YYjwJ3BkDK5LARAxMJoFlMbAxCfxyWR6YSgL/FAP5zQeLvvrWsryvAAAAzkU+zhpofhrScd7x/k4Zejpl6LiI4U4ZejtlqLXIEJ//dVyHgfJ8/HmG+NJAWutQUkslQ7wZ3vk3vZiu7+nmnGnByqL7YsHx5pwxw85/vukroY3K+H9Fd+P/y3j///Ru/htjYEUS2BkDG5PA9KY8cOSa5oD7/wMAAHBla3X//9G3/NWhduUq4//J7sb/8UDEm5tyx1o73/8/f37Xh7+5r7HKJ0dDeHs5sP3g9qvqiUdHQ3hXOfDE3Tc2Ru0H0xLff/G2n9cT96SBD65605l64r1JYDp20nVpIB5VObMsCcTu/UkaiP1xPA0M5oGHlmXt6En76j9Hsr7qSfvq1Eh2eUVP2lffHsmW0ZM28HASKBr4yTQQG3hHHuhN1+qbS7O1ioGRWPQvlhYXfQAAcGWKe4ED4d5tszOT6U94r+9vfoyabln+mWq1PV0u/vl4a/K7j411k+5L90VrRVUDoVZvwprK7mo5S0+jlRenlg5d9+YWTe50t/feFuVS59p1g61bNJS1aGLLjtmtAx0bvq5zlrX9HbOsqQx2yll6G13aRS1drEsXLeqyb7pY5fi8N0xM9CW5/n8MjocmnT4R3d6vr3yf/1afgnKeo5//91fb1VcZ/2/sbvwf27M0lD7On4u1/mxZCN/umTsaUQRWjWSB2NyRODxePhLCVaV+KErMDGclBpMFhyeHshHqYFrVd4eyYwzx+V3P/PCJL9YTh4dCeGfpvSqW8UItW8ZQGlg5mAWG08CO/iwQr/woAt/pzQJwwYqNQvxA5T91KYzPX67F5++Nck/QtHmVa6DmyTffNneh1NIX8muqCuf2tlWqY0FUvh4nfNsW47ct+LaVd6TyPZSzc6Fa6N06c+/mvbN74ivlPdmKBXqfy3up3aQvwufwwPmvbWe1dAUmk83H5Pzl5v8c9sTq7j9887ODH7vjxUdef3z/6drXlne9Gi3EgcKT//2mq8rdu9BqIf/MLbrtyZTtyWL8b2Dc2xZCOPTnQ59sF6+M/6e6G//3J48Nr8bO3D0WwrtLnXsydv/vjGXbwVIg20peXQ1kl9z/dLTllhMAAAAutuJwR3G8YFv+mP0gPB0nV/NPnWP+eLxi47z5u13v/U/+/mPt4pXx/3T78f+SZDWd/3f+nwXi/P+8rvRD0UvSFw5c0KHoSnUsCOf/53Wlf9uc/5+X8//O/8/H+f8OnP+f15X+tlX2knba6QohnL1+4OF28cr4f2d34//fsvn/09n8i/n/00n7i/n/p1vN/7+z1fz/B8z/DwAALKgWE82n47zK5PyVDOnk/JUMPUmGc7/FQMdp9M3/n87/f/DPbtkT2qiM/w90N/6PH4eR8tIXy/z/45talNi4qXl1i8ChGNjpjgEAAABcRvEAQbzovdsZJgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFhYd7x6ZnO7+Dt+9PWv3tT7gRd+8JuD6790z+RLIWxrvN6ThXved+a5M9d96vYN37v9G4+cHr/zoVpebiB/XN6UO9b62mgIR0qvjMTEy6P1J3OBuz78zX399cTJ0RDeXg5sP7j9qnri0dEQ3lUOPHH3jdfUEwfTEt9/8baf1xP3pIEPrnrTmXrivXmgJ13dP12WrW5PurpfXBbCWClQrO79y5qrKpbxgTzQmy7jL0eyZcTASCz68Ei2jBiYjSW2LQlhdX8IfWlV/1jLqupLq/peLauqL63qD2oh3BJC6E+r+rfBrKr+tOVPD2ZVxcC1bzv2ysp64uhgCKvLgWc/enR9PbErCRQL/8hgCDfUPzLpwr81kC18IF34nwyE8JZSoKhqeiCE+sIG06pO9GdVDaZVfaM/hKtLgaKqm/pD2Be4XOKGZGv5xd37Hty+eXZ2ZtcCJgbzZQ2Fe7fNzkxs2TG7tZasUys9pfTZz5x/259/Zf+WRuLuY2PdpIv1miyvy9NTlRfLz/vzpwONdq4daHq6brE0ebhcydybWKk/5h8MS8OSvbtndk18evOePbvWZH+7zb42+9uXR7O+WrNY+mpluZLVex7YuXr3vgdXbXtg830z9818YsPkurUbbp5c/57V9UZNZn8vRkuPXvqWXt9fquRSbDQkJCQWW6K3aes2eaVvxys7+nMrOhBqjQ10ZVhRztLTaOXFaPSt59Ha3Lk2ujIkqbRoTWXgUMmytnOWdZUxw1yWoSxLY1+wMjgs19Tb6NL4vDdMTPS16ofx5qfl7v3VBXTvqdh1XaYBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4P3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04FgAAAAAQ5m8dRs8GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXAoAAP//Qczu7Q==") ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040)) 46.44263701s ago: executing program 1: r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) r1 = syz_io_uring_setup(0xfb, &(0x7f00000003c0)={0x0, 0x0, 0x10100}, &(0x7f00000000c0), &(0x7f0000000100)=0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r4 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) read$FUSE(r4, 0x0, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/udp\x00') read$FUSE(0xffffffffffffffff, &(0x7f00000061c0)={0x2020}, 0x2020) lchown(0x0, 0x0, 0x0) r5 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$ARPT_SO_GET_REVISION_TARGET(r5, 0x0, 0x63, 0x0, &(0x7f0000002600)) socket(0x28, 0x5, 0x0) ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x13) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(0x0, r2, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r7, 0x0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000002c0)=""/183, 0xb7}], 0x1}, 0x0, 0x40000103}) io_uring_enter(r1, 0x46f6, 0x0, 0x0, 0x0, 0x0) write(r6, &(0x7f0000000200)='~', 0x1) bind$nfc_llcp(r0, &(0x7f0000000000)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "0f03c8c7e8da000000000000ffffff017f000000cce67e1d0000e565aa9a9d32c7627ffe7a54cdbd77b3000000000000000000060000000000000000deff00", 0x17}, 0x60) 42.191399661s ago: executing program 1: syz_usb_connect(0x0, 0x24, &(0x7f0000000100)={{0x12, 0x1, 0x0, 0x6c, 0x79, 0x8, 0x10, 0x14aa, 0x22b, 0x8e53, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x34, 0xcf, 0x82}}]}}]}}, 0x0) 41.181903487s ago: executing program 0: mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000e20850000007000000085000000d000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001b40)={&(0x7f0000000100)='jbd2_handle_stats\x00', r0}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0) 40.712092239s ago: executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000280), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000200)={0x53, 0x0, 0x6, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000180)="a1c634a0758c", 0x0, 0x0, 0x4, 0x0, 0x0}) 40.607607324s ago: executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000001000000000000000000000000100000f01d00ff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 40.347782214s ago: executing program 0: syz_mount_image$hfsplus(&(0x7f0000002380), &(0x7f0000000000)='./file0\x00', 0x1600008, &(0x7f0000000100)=ANY=[@ANYBLOB="6e6f6465636f6d706f73652c6465636f6d706f73652c756d61736b3d30313737373737373737373737373737373737373737372c6e6f6465636f6d706f73652c6e6f626172726965722c747970653de5f2875e2c6e6c733d63703836322c00"], 0x3, 0x63c, &(0x7f00000023c0)="$eJzs3U1sG1kdAPD/OI4TB9TN7qa7Ba1EtJUWRESbD2UhXCgfQjmsUFUOnKPWbay6aZW4KK0QCl/iwIVDxbkccuOE1HukcoYL6jXHSqBeekC5Gc147DjNl/NVO9vfrxq/9/zevPnP357x2FU0Abyz5ieiuBFJzE98sZq2N9dnapvrM0N5dy0i0nohotgsIlmKSJ43u6+lD19Ln8zHJ/tt50l17saL15svm61ia+WklNaG91/vMM0V1/IlxiNiIC93G+x21h3z3dx3vr389097B9kMNN3ny63EQa81dlk7yurHPm6B/pE0Pzd3GY0YyT6hm9cBkZ8dCm83utN3pLMcAAAAnFPvbcXWWqPR6HUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcJ7k9/9P8qXQqo9H0rr/f6ljeKmHoZ6KjV4HAAAAAAAAAADH0hjobH1jK7ZiNS60e5Ps//w/zRpj2eNX4mGsRCWW40qsxkLUox7LMRURox0TlVYX6vXlqS7WnN5zzekz3WkAAAAAAAAA+LL7bcxv//8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0gyRioFlky1irPhqFYkQMR0QpHbcW8a9W/Tzb6HUAAAAA8Ba8txVbsRoXWu1Gkn3n/yj73j8cD2Mp6lGNetSiErey3wKa3/oLm+sztc31mXvpsnvev/yvkekyjGzGaP72sPeWL2UjynE7qtkzV+Jm3I9auXOWS6149o7rN6/SuX+Q6zKyW3mZ7vmf87I/jGYZGWxnZDKPLc3j+wdn4oevTrSlqSi0f/kZO4Ocj+RlsqMcOFLMZ+PNTExHIct36qODMxHxzWd/+8Vibenu4u2Vif55Gx1TMxONRjMTQ1mrlYmP36lMTGb7frHdno+fxs9jIsbjeixHNX4ZC1GPSozHT7LaQv5+Th9H38hUYefU13a0rh8WSSl/XZpHytFi+jRb90JU42dxP25FJT7P/k3HVHw3ZmM25jpe4YtdHPWFox31l7+VV9JT+h/zsj+keX2/I6+d59zRrK/zme0sfXD658bi1/NKuo3fRcSPT3E/T+bNTKSfEs++2uz78OBM/DW7TlipLd1dXlx40OX2PsvL9Dj6Q199Mqfvlw/SFytr7Xx3pH0f7tk3lfWNtfsKu/outvsOO1JL+TXc7pmms76P9+ybyfoudfTtut5qXw8B0MdGvj1SKv+n/M/y0/Lvy4vlL4Z/NPS9oU9KMfiPwe8XJwc+K3yS/D2exq+3v/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADHt/Lo8d2FWq2yfGglyW7+H9HV4I5K63ZOBw9O8hv5HGVmlVqtMhwHj2ndr68PQm1Xav/eEU/S63j6oTLUb2/+3p2TgLfjav3eg6srjx5/p3pv4U7lTmVpcHZ2bnJu9vOZq7ertYFIHyuTvY4SOAvbH/q9jgQAAAAAAAAAAADo1sF/BjCYjzrZnxP0eBcBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAc25+IoobkcTU5JXJtL25PlNLl1Z9e2QxIgoRkfwqInkecS2aS4x2TJfst50n1bkbL15vvtyeq9gaXzhove6s5UuMR8RAXp7WfDdPPF/S3sM0YZdLJwsOTs3/AwAA//8+wAVR") r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r0, &(0x7f0000000200)={0x2020, 0x0, 0x0}, 0x2020) open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write$FUSE_INIT(r0, &(0x7f0000002300)={0x50, 0x0, r1, {0x7, 0x9}}, 0x50) read$FUSE(r0, &(0x7f0000004580)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INTERRUPT(r0, &(0x7f0000002240)={0x10, 0xffffffffffffffda, r2}, 0x10) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r3, 0x541b, 0x0) 40.227485693s ago: executing program 0: creat(&(0x7f0000000280)='./file0\x00', 0x0) mount$cgroup(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000000)={[{@name={'name', 0x3d, '--'}}, {@name={'name', 0x3d, '--'}}]}) 40.170566111s ago: executing program 4: syz_open_dev$vcsn(&(0x7f0000000280), 0x0, 0x80) mkdir(&(0x7f00000003c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x800000, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0) writev(r1, &(0x7f00000001c0)=[{&(0x7f0000000180)='0', 0x1}], 0x1) setrlimit(0xe, &(0x7f0000000380)={0xbe, 0x7fff}) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x5) r2 = getpid() sched_setscheduler(r2, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000400), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000006, 0x28011, 0xffffffffffffffff, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = socket$inet_udp(0x2, 0x2, 0x0) sendmmsg$inet(r5, &(0x7f0000000e00)=[{{&(0x7f0000000080)={0x2, 0x4e33, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000040)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @multicast1}}}], 0x20}}, {{&(0x7f00000000c0)={0x2, 0x4e21, @empty}, 0x10, 0x0}}], 0x2, 0x0) socket(0x10, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0}, &(0x7f00000001c0)=0xc) lchown(&(0x7f0000000100)='./file0\x00', r6, 0xffffffffffffffff) madvise(&(0x7f0000000000/0x600000)=nil, 0x600013, 0x15) r7 = creat(&(0x7f0000000280)='./file1\x00', 0x0) sendmmsg$unix(r3, &(0x7f0000000340)=[{{&(0x7f0000000200)=@file={0x1, './file1\x00'}, 0x6e, &(0x7f00000002c0)=[{&(0x7f0000000480)="55a5c3adb008a599a69afb189ab163e4bd9496fd180aa2dc4cf7b3c453185a4be105d2c1a27ddf21d4623c924cf1b054c702bfb4fefcb8db626c5b8f086672c8a187612db3fbcff15e080a31fcb7ed0f0b675f0b7dd593e34f8eeda958aef6d29447323d29c1f06ca393eb31dd65b0bb8b35e1400d48fced29d5dd556e3190b6581ebe59c7fc7ab583ac800ec958c12df551dd5c95b07e13003c7a2b101faf4e9c18bbc0de1734bdb6463b81ca70c0f0051e43d36553045e0c2cfc13282acf0b86b106f91c20db6b03b60f1b8a64eaabaf687b5acaaf", 0xd6}, {&(0x7f0000001740)="c2fe2980bd92a4a54d03e3f776956080ce9107a9d1cc551fe1b5c349a3e47abcb5bf76a395df0bb6307dfe6e13985d5677d4c53cae87e4678c82282abdcc8aaa620ad0cd8394939ec6e1ebbef8357fa282e2d83667f173906273ced44a9bb2868f74a4d98d46dcbd286826ef8348a51d74dd7e59568d708d0844b684024e080244a176ba4af838c88681a9cabb17c92ff514cba262b2867b135042711c064810583e0c40e856d20cb8a3828f164bc9cbcb25dfa3f75c21d776b64c1d079cd007a67062dc48cf945a4098778cc7220653d4e63b7b11aa0099e1ddb87fa7872ec9236330d6d16217a9d0b93a5edda5c98dc5fb5d9863cc4772925c74406bf67d8e3de94fa1fe01a386809742809a5b975ce67fca2e470aea68a0332489e6403ce0b609fa94f288e4fdd27b3303539865e6d363ae6e3af87f3c202bb223a4235661bcd56c2205a7e22470b19cff3b953a7b5378d5e9c7d76c486b9072496fb6a4bb35eb27ea4fb94f0870917340872e557db8d4052e10a99ff5e3ff7b9badf0c74b4e197064572ce21551b6f5bf299cf5a2fe5d3c281d2eb5cd5e8399b46c9863c0e3b968e4fcae938b4ed4f3bf513ddbab4ceb8afef13d1ed5cb6ca17f48f1ae35265a2d4616bffda939a46948ecf9fbd911d76c1ac958dafbba4c164d20aa7194417d3fe972e43f47cb1f06796f142ac1b5544195868ced4c8a11c6825bcbce9f6b1a6a8f281a246631ec2370ba21792a0f4bb2a8632bf7f463dc2df2ffae5cd3d6118feadd95a7032461113bbda4f6831c37d36a55e38e0241a5e08608b2a491e2e68bd93d457e31421948d3ff0f270c70d760d10cb0574aa0cb7c4c2cb0dcfd797cf8937b6b7cba4c4e87e9decf36724d3c94f9b6a5d831bd33da162402eb0b3d2f779a0d1c5fcf72e16d8f340b473f2014551fec3c946f987ae1b28bb44657adce2abfbcb1cd7cae4a4292e9eb3ae5a3bbf0cfd5703ff5ff1ca93e5a03c36a20f1c41845cdfb473df25b24c8ed0f2213a4b384d3864d06eeef286c97f4fb407b8791b7120220617d6316d164e9da66a90d20a19bf85f52980e912380b8248300c2952aec5998a5ef0da0ddce249699c44abe61eb4af19a1c7d092b0d8b28209a7228fb77f786378ddb69f414050230ba118da194dd2e88e0dce0b9c2ec6e1ae64d0ea5cd6c8d5fbb7c04bd2cd23f6a8d3f7fefa584b8118eb75ab3c97c9e65f5c0795ed2b036d7e2e24c17a8c30dc27d43aa3f9d66d41dee70d86e291bb0ec7b47d187829aa2aaacf0372eae89e9be6eec9db1938d5880fa250511b28a6c03158d365ac7ce61052134791c48c62f9ad082b8f19729f9380c2194b1488da770d0cba53f882579af87725c316db0817c3f251fd4c1e4c3df47b98e09158f395d3b84090bb1b69c9fbce3ae52088c97fa9db7afafe5c8cf7fe51618826ac7aabe1f12f21c502f84ae278bcde2605c63716e8ac186670b2e6412918ce9cf7d5abcf4f290d521e8f32a3f86c5f624096439f7078cf25352f34084a328899e869a44aef9fbff85d425faa8e75650cdedae236f27e39531bbb9177082fe5f88fb71aa84f7cea709c9ebe9fdb22715d543a7aeb1a868dc8acaa59ab40fd44bc50497e4d30c2e88d54469f97effac96121f9fcd244fb2266a119de4508c7740e0531bcca5f9c5daf611bf9b9a42f80521da97dddb765e430a1e1801d09d81a5cd24c3a916c915345d13e34687940a73817f00f4ac65c55ce5615636e36189813458bbbeabb6c02cf021b435c1b448c2155ccf5a7291a4f547452535199d9639064fe445c9c8776c60b3447ec927a9016ea4ad4e7910e2c88d8f2483cad0c928e524c7846232a3065463536c566db654d6de9f6e61a777645c6fefe21a67f35ceb1f49e0c188be9ff573b370a49a758c7379ec4451ce9b96f8e527bd08390bd709f171aee60452d0eec961a925115fcd841f9536f54359baf2fa64076606dd35a0fd634120d9a3dfd3110133751e03e951c73552f661aec26604cd4ad55fb96f828039851a33f47f92f7705860544aa4121fbda90c24e86a5fae224d52f5f6c282bf3f8d9e54d431f441f6fbe31db42969dbe641edc108b39b3130d1b65f03338f316b7b3c7dec47f7870b03271b8f380a1d1729aa486753ba49a2af5bc6c6fb4d8260e4e7a8ec6bc3a84a476992badeff35e9b4c781ba0e955aec519f5ed8f18f16147e191f4f6bed063eabf6270237d867a106a9810764eb17439a26e477cbe4103cdbf26bb3281af80facc5c8b9fbe9831ae6987138a467c4f39887bd1ddf541e370c5644ebebc67c934e48d51c6c336c62df39a78abadb1d2d733ab2fa2f4adfdc892986187ba2e525a38e2cfd013e05375a48adcbf632c75285d79da7a26fec0be34cf16134978bfe76322caf865d31a4a9adfec8253b4b0fe0da5fb4d39f84ca42a0daccf2344a971f007a0acb05296df03506315ffb9adbab0ab7697a2d01bfba4d1b49def7052aafd163f615532eff90caeea35658946c5c8f9e5b708b26e9bd2370235d6579e43cf154cce7d6e45f3c5a45ecf689dca91be4eb388802c3df007dddb5172279a073e6a9d15a718f0bc1e3df7c34cc443d220d7fa8368f93254cbc6aaef7869f4d044f6ea78c28b46aae6d9660fb6d402d284a5c02bf4bcdc8e3af10dd9957ac43bdc030bf8c84016cb01c380c787bea005e1f12fe0290fbf1c412dcadde1d2f8984e1f007d10eea4d3e31a0ea74ea92c73f0b8189e92188e5f9e3074dc06ae537f6204c291b1b5c305db1e7885919be4806b03d03b877cedf8aadffceb7ef9cf434f13a2c39f234bac085fa95beec9852fe26ddafaac9686a8ecad8e60570fdcd50c90ea1ba416353b51bfcdeb0e2c54f000e8ad278968db41ac3be6e364ec9edccb0da436e8f48cff5e10cda830c87c73632e8164ea71671fd912f77e03880d88d399914a264e904cdc186905048534a57d3e9dd608bdc0b473fcf2673bcd847643d9db7b354a7bcd09523be6840284ea8ca156af40f88985257590224a4b88797bb043a02f534829064691e73f443fde31b99224ea3998086d06ca3fa7fba96f6852149d66932019b46194199f660c9b06858bcebe14ac63fa9e4c8056df93e8d07c47d736c3c6e7e6a1cacb4855d7ebeb43e2c7e39536987a19dd34ed5ad0d91dcccaa3725daad183237b9a9d41c0f2fe6ec6a7718cfbde4469e7538a4123ce12b24dfeeb001c3b33c95cf18ccc283a4ed71b110a74d469fa67c30753be03b822dbd102faa3a3661188be4a9815da9c72c65ade2f25a8b70d0aefe0fcda4a6c7b03cb41b771406a704c28e727b132be345a21342a323a452e80b64885573021cbac9ff318e8a6dd536e2257f082934d703990d42da3e64e041b98123e2256440fd97fd40d96fc5f39743508c014ed36c82f48d3dc6d435ff6d1a8141ec94b7e38decf393deae5a63654ca1703ebcdca4752e58d9698f7ebd05f410c7384364191f0fe5e49f4cf933d609e036459b2288e90a84c840351f1e8e48b50361c91a3eef73cbb180a50486bfae154f39d50b2ca4dace3a32169ec0f5e016d7d95ea0f020edbd7861650def85301260ca6c514762b50d017695faa6bb895639fe04b9a3f1178ccd6dd7abf8872ed64a3484e7ebc0317688fe89c5e361e643d34576919b02589fa017ad1a106a666ceaa820a3cda560e77d84e1a3d17feac7ff6f4864f4f1e65d55a5f7d9bf4fc7bc464da57311a68d4195be42a53094a5197448f5f6e5b146079d8baa3446ec1c3c8eaaa95b972913e5a4564a6d56230e24880cd9db0c059796f227cba2f786fe6bc99437ec8acd6a4c7f70e9f699328cbf5e48862119412ce2ac81266014e1c35d51ef87ec2f2f8904f56d389e508cd82e84eecd33de8d240c79fdc2c58487adbba9475eac35d711c16e4a002bd4f363a99409d0cc914eeeb0376c34b1e5d936790c38a20e0949dcd99ec227a5b6d44e35805a08f9590ce0287a3ee51364c2673edc977dc26de21e96c520d65e4d955b7dacf74116c4b76a689b62aca2f81b1b9017ef55a678886cd0b770d59260aee09e11fde401cff1854f977e4795e0674f0394c1f2ed5265a3f704a3ec977f3c7f3df8278828a1cfb7bdebd0f4a4bdbc794e9bd1f2bc224b5f29faf7161a05f4ea2b0a3251710cd3dd2f5cb95df27118b2819f9c37bc20af19da3a15cb1d8a03ea86c13d9753a753cc9bdb0addbf2d7c580bc8877d5d24b34f6ebcebe507a1cd63e7407654c7e9c62ccadd64322c3694dc642fd2c239b6d21b62d24e33c2339f08eea83eff423922cba49f1da563912094d4e851e57441c0a6c81ac6ebf1b7daeafdb2509dbc2d182fc179ebbc5a7bc0b4847b1c7d91e36390a869af5d03a2ad786b9fa5b2bbb1e0adcf166a245c1efbababb682036eba9e85a59bb2016c97d831f369769045c66545e4321d7dc41791c141687d4e2c6484ff87c62c79ee506abd8902987b96de6af27064db4ee41fae13c9717c0f74e8d24540bb7595d806a4ff4c9411638ebf7bea0040a71227856b61d5d32ad61f176cba5bb43e5c2e715ce0b1f0e8002cae060c6e7f32ee8b6d52bf31d467b1a9fa3595625a1daf0e53d296cc54bd7d620f6bbaecfa661f2cf3bd0af191ead2ebf0fdabd02128d1894f45b9647008adcf3e4d690d8a9df02a48310ad283e02a8910a36f4a1589143f951de0f31d6e72ffb66da25349412700d37b383cec393ccdebb71c242fb2890ce754ee3873484f5b1e08700aa62c74e28b4f6921b3fe51e893c3a21c1a1696f94f82a540b4864e95bca84fbd12cf63e645ce513e2b0c84998fa33fe4a75ac2339865c7429b7177a83844ac79c5ac40deb1b7a89a207f5be878fd00b7913b3a9b7a7b2bbfc1b392d32b533ae1a367188df32134173ce9b8db162b4ba170153973d5650972d2b82ca5109dbc51dafcd33d96c15f7473e3d6529251fd10126cc96ec8ec8fb7595c8f5278b2f281324ec26ccacd20319e467aa0ae6e94b5e411812421dee91424e35bdebece2c08897e1a42a101c65900a8c5cd7e5828a42255bb7b2e33b8cc101b33d2dcdc3f4a54f24841bcee28a87b9acc97b205dc5f3f2f48c8ce366278b3410026931781fa8862debfa1c3b81d0b3581052d396b4259d9eea881943d115fb2418a0b5e674239c079271ae4568d919afa8f5563706a84fec11bc12fcc048ec8c8b2b2be65b8cf63b43df34ce9435e18025b0bc9ed152823b0e38b2a22483fd33a0dc926cc1622b69858972526e241c4214d71b1f9d693a4d3b06625149e8dcd2f7e415b107dbeedd9510597a671ef21e490290f24827e53eb24a7534a610dee79b4bc84c262eb6050e81ddbb6013468d17824bdf3adf6c827c810ca19b54301d5391b986fd55df638069082b3bc3ffb02734b7929e146e6ad8c9f82b2b74101d573d48ac7a8d611e128cded648c33c1c42e07723e996803019c1352ba7c65f9fddb026df2d6c65e5b3c86d828f362852cf1233fe7a22259eb2e045a282926b904c0539747f5e04a0437d98b66c1f18a3b512e7aa87dcb4d000f44fad873fb0399b1fcf8b7baacabfe9496f96bb93dca95b369cfe3956a58709c91e1855d8bad7320637cd394419d053b32f44bd64790bcced06b43e72db9afe8db3c65da688f59ddf6c16f0ba5f78b187eb86340aa1266bf22813fb7d7812172b6ccd942e267c91dd5d689ea2ebf319ddb50ed6be168d7f2b1bd3c539d26fccb63489a77b4c73bfdcc5f9e96150e561bea45e2569ffbddeb65663ae0ea97690d6c", 0x1000}], 0x2, &(0x7f0000000300), 0x0, 0x8030}}], 0x1, 0x10) write$eventfd(r7, &(0x7f0000000080), 0xfffffe5e) openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000440)='./binderfs2/binder-control\x00', 0x2, 0x0) socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)) 40.128671768s ago: executing program 0: r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000007c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000001840)={0xc, 0x0, &(0x7f0000000800)=[@dead_binder_done], 0x0, 0x0, 0x0}) 39.990102429s ago: executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001c40)=@newtaction={0xf0, 0x30, 0x1, 0x0, 0x0, {}, [{0xdc, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c}]]}, {0x4}, {0xc}, {0xc}}}, @m_police={0x6c, 0x2, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x1}}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xf0}}, 0x0) 38.853696103s ago: executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) semctl$SETALL(0x0, 0x0, 0x11, 0x0) msgsnd(0x0, 0x0, 0x0, 0x0) 38.837207276s ago: executing program 1: r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x8502, 0x0) write$sndseq(r0, &(0x7f0000001380)=[{0x6, 0x0, 0x0, 0x0, @tick, {0x4}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @result}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw32}], 0x70) 38.776278685s ago: executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$inet6(r1, &(0x7f0000002d40)=[{{0x0, 0x0, &(0x7f0000002c00)=[{&(0x7f0000002980)="f555c15b70122cd0c98a5b39d97524", 0xf}], 0x1}}], 0x1, 0x0) 38.660632163s ago: executing program 1: r0 = socket(0x840000000002, 0x3, 0xfa) connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10) sendmmsg$inet(r0, &(0x7f0000005240), 0x4000095, 0x0) setsockopt$inet_group_source_req(r0, 0x0, 0x2d, 0x0, 0x0) 38.079096922s ago: executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x80) r0 = socket(0x2, 0x3, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001240)={&(0x7f0000000c40)=ANY=[], 0x184}}, 0x0) ioctl$sock_netdev_private(r0, 0x8990, &(0x7f0000000000)="831cd2bd37c4fed05886312a3a") r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000000)={0x9}, 0x3c33) write(r2, &(0x7f00000000c0)="240000001a005f0214fffffffffffff80700000001000000000000000500090002000000", 0x24) sendmsg$IPVS_CMD_NEW_SERVICE(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x14, 0x0, 0x1}, 0x14}}, 0x0) syz_emit_ethernet(0x6e, &(0x7f0000000140)=ANY=[@ANYBLOB="bbbbbbbbbbbb0180c200000086dd60e4d70000383a00fe880000000000000000000000000001ff020000090000000000000000000001020090780000000060fd906300003a0000000000000000000000000000000000fec0ffff000000000000ff7fac1414aaef9edaaa64947bfe"], 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'geneve0\x00'}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x2}, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000180)='net/arp\x00') preadv(r3, &(0x7f00000001c0)=[{&(0x7f0000000280)=""/24, 0x18}], 0x1, 0x4f, 0xfffffff8) 37.749266022s ago: executing program 3: socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) r2 = dup3(r1, r0, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BLKALIGNOFF(0xffffffffffffffff, 0x127a, 0x0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0) mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000480)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x78, 0x18, &(0x7f0000000280)={@ptr={0x70742a85, 0x0, 0x0}, @ptr={0x70742a85, 0x0, &(0x7f0000000580)=""/206, 0xce, 0x0, 0x11}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0x1}}, &(0x7f0000000240)={0x0, 0x28, 0x50}}, 0x1000}], 0x0, 0x0, 0x0}) 37.675173634s ago: executing program 3: syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x440, &(0x7f0000000bc0)=ANY=[@ANYBLOB="005085354abb9e1ea2e95714aaf5f7d1ba00c0d3ee51b16a8e6146ccbf8a77931081bf24c89938ea3ecd66a8c73f5d707d5648604d6270f421c65da5f28dfb9f1a886b67230ad6000018e693a6792559eb244ebb510b2d00000000000000002e0c641c5a8921cbab087c4068fb7a181c8af3f44a13d0cba134c67b5f3436a182e0fae7a23adb45d3adb53a4b4a865558644e500da903dd3cfbad388ed61706d325df272a8289255d2c8730731342028fe35b4c953739f1afbacba0f3e8ae89176e2b5aa7b0eb4e2fdc9069680dcc30af12c8dfa58e53dcc3229cdea9f6f8cbdc1155d37704b108f5e4abddab215665f73e6579034c167010fce5cefc1151581dde848017acdfe6cb87a05b75806a8244276d1a3a034b600df2a9611497ea8ed44a5f833cd9b91aa87b826853410edab7a311dfeb4c146d4a44159d29ce1d35cb2be1779847b9be9e32a7a143eaf6db55d0e2bd3955da208fa874e6d3a679e8eefd62008482dc274a51f96d7888dc83e3e85168b85f51c7d8313b8c1424b797c7b5b6a101fb59d011d94eb4d61ca365dbff"], 0x1, 0x2ed, &(0x7f0000000680)="$eJzs3cFrI1UcB/DftnVXKrvJQQQF8aEXvQxtzx42SAuLAUU3ggrCrJ1oyCQpmRDIItabV/8JDyseBQ+C+A/04t/grZce97AYaWbNNlJPagPu53OY94PffIf3eMPwbnP65jeDfrfKuvkkNm5fi63bERsPr0UzNmIzal/FG9/+ePby+x9+9Har3d5/L6WD1t3dvZTSrVd+/viL71/9ZfLcBz/c+ulGnDQ/OT3b++3khZMXT3+/+3mvSr0qDUeTlKd7o9Ekv1cW6bBX9bOU3i2LvCpSb1gV45V+txwdHc1SPjy8uX00Lqoq5cNZ6hezNBmlyXiW8s/y3jBlWZZubgf/ROe7h/N5nM2uR8zn83XPhqu32P95bd1z4erZ/6eb/X+6XTjUPRsx+HramXbqse63utGLMorYiUY8WhwTlm/L+fXgTnt/Jy0048Hg+HH+eNrZXM3vRiOal+d363xazT8T2xfze9GI5y/P712avx6vv3Yhn0Ujfv00RlHGYZxnn+S/3E3prXfaf8nfWNwHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/1OWlprxYHA87Uw7EefjZt3P/q5f51vd6EUZRexEIx5FzJfq+uBOe3/n8QNW81vx0tZ61w4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf6pm9/t5WRZjhUKhWBbr/jIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA1Xvy0+91zwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB1qmb3+3lZFuP/sFj3GgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODf8kcAAAD//8BO4LU=") openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) fchdir(0xffffffffffffffff) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240), 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000280)=ANY=[], 0x15) write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000100)={0x18}, 0x18) 37.534421575s ago: executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000001000000000000000000000000100000f01d00ff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 37.207826726s ago: executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000b80)={'batadv_slave_1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="400000001400030400000000000000000a000000", @ANYRES32=r2, @ANYBLOB="14000200ff020000000000000000000000000001140006000900000006ff"], 0x40}}, 0x0) 31.160341263s ago: executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r1, 0x29, 0x41, &(0x7f00000007c0)=ANY=[@ANYBLOB="66696c746572000000000000000000000000000000000000000000000000000004"], 0x68) 31.099535312s ago: executing program 2: syz_open_procfs$namespace(0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0xa08886, &(0x7f0000000040)=ANY=[@ANYRES32=0x0], 0x9, 0x2a8, &(0x7f0000000500)="$eJzs3F9IU38Yx/HHPz/1Z+hGRFBQPeVNRRzcrgMdoRENjHJhCcExz2rstI2dsZqEWxB400U3/buuIEIQoosgELvoKpTwrovuvPMiu0oiOjGnudnUMnWS79fF9rDn+zl8z58dtu9g08fvXouGHSNspqS6oUqq2yUns1XilWpZkJMj10fe7zt34eLpQDDYcVa1M9Dt86tq84HR3pvDh8ZSO86/bH5dL+PeS9Mz/qnx3eN7pr93X404GnE0Fk+pqX3xeMrssy3tv+9EDdUztmU6lkZijpUs6YfteCKRUTPW39SYSFqOo2Yso1Ero6m4ppIZNa+YkZgahqFNjYKVDacfBZbvhp7Puq7MpN65bn1OXNfNv9iwidNDhc2df9ctOv93Kj0lbKKim3qDiD2UDqVDhedCPxCWiNhiSat45JvkrxH38Yg7d6nkH2/4R4KTR9++UVWvDNrZ+Xw2HaopzfvEI95CpqBQd54Kdvi0oDT/nzQW5/3ikV3l8/6y+To53FKUN8Qjk5clLrZMjB78MtU19GAhP+hTPdEVXJL/X/oXD9OzzxU6PwAAAAAAAAAArIWhP5VdvzfyA24PqGrTkn4hX+73gaXr861l1+drZW9tZfcdAAAAAIDtwskMRE3btpJ/WeS/yq/Hdv694smt3x+8v3PlMS1tNRPtH3KJrbBff1B87dkS0ygtZH71abXBNev8TlksPq3Ldqrm57f8mJO9H1+sup26X47PcsY2/q4EAAAAYCMsfuhvk2z4VTrbc+xepecEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB2s4a/HJt4WK6l+WLn03KtSu8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADASn4EAAD//xAR0Ao=") r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) getrlimit(0x0, &(0x7f0000000240)) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() setrlimit(0xf, &(0x7f0000000280)={0x89c, 0x4}) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000840)=0x2) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/udp\x00') preadv(r4, &(0x7f0000000400)=[{&(0x7f0000000340)=""/98, 0x62}, {&(0x7f0000000500)=""/134, 0x86}], 0x2, 0x3f, 0x0) 30.148102898s ago: executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) getsockname(r0, 0x0, &(0x7f0000000080)) 30.086706167s ago: executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000000040), 0x0, 0x0) mmap$usbmon(&(0x7f0000ff8000/0x1000)=nil, 0x1000, 0x0, 0x12, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x47cdc) 30.035289705s ago: executing program 2: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x5ac, 0x24f, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x5, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) syz_usb_control_io(r0, &(0x7f0000000d40)={0x2c, &(0x7f0000000780)=ANY=[@ANYBLOB='\x00\x00\a'], 0x0, 0x0, 0x0, 0x0}, 0x0) syz_open_dev$hidraw(&(0x7f0000002300), 0x0, 0x0) 9.964185292s ago: executing program 0: r0 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x121801) io_setup(0x3, &(0x7f0000000180)=0x0) io_submit(r1, 0x1, &(0x7f0000000800)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) 8.627123517s ago: executing program 1: bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x0, 0x5, 0x2}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x10) socket$nl_route(0x10, 0x3, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='io.stat\x00', 0x275a, 0x0) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmsg$inet6(r1, &(0x7f00000013c0)={&(0x7f0000000100)={0xa, 0x4e23, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c, 0x0, 0x0, &(0x7f00000003c0)=[@rthdrdstopts={{0x18}}, @hopopts={{0x30, 0x29, 0x36, {0x0, 0x2, '\x00', [@hao={0xc9, 0x10, @private2}]}}}], 0x48}, 0x0) syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESDEC=0x0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r2}, 0x10) unshare(0x60000000) unshare(0x64000600) 8.053218625s ago: executing program 4: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002a20702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='ramfs\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x100000, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f00000000c0)='./file0\x00', 0x0) mount$bind(&(0x7f0000000200)='./file0\x00', &(0x7f00000001c0)='./file0/file0\x00', 0x0, 0x65000, 0x0) mount$bind(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x80000, 0x0) mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x1805002, 0x0) move_mount(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', r1, &(0x7f0000000140)='./file0/file0\x00', 0x0) 7.184206349s ago: executing program 3: syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40c8, &(0x7f0000000200), 0xfb, 0x496, &(0x7f0000000f40)="$eJzs3EtsG0UfAPD/Okn7fX0llPJoKRAoiIpH0qaF9oDEQ0LiAAgJDuVo0rQqdRvUBIlWEQ2oKhckqMQdgbggcebAiRMCTkhcOMAdVapQLxRORmvvGsexHdd14jx+P2nrGWfsmf/uzu7sTtcBbFij6T9JxLaI+C0ihiOi0FhgtPpy4/rc5N/X5yaTKJdf+zNJPxZ/XZ+bzIsm2evWamYwfSlcSuLZJvXOnL9wulgqTZ3L8uOzZ94enzl/4YlTZ4onp05OnZ04evTwoYNHnpp4sidx3pa2dc9703t3v/jGlZcnj11588evk7pG18fRG0MxX7dOGj3c28r6bntdOhlsW7Sw7I2hY5sjKh11qNL/h2Pg0o7a34bjhQ/62jhgWZXL5fJE6z/Pl4F1LIl+twDoj/xEn17/5ssKDT1WhWvPVS+A0rhvZEv1omewdqE61HB920tzEXFs/p/P0iWW5T4EAMBC36Xjn8ebjf8KcWdduR3Z3NBINpeyMyJuj4hdEXFHRKXsXRFx903WP9qQXzz+KVztKrAOpeO/p7O5rXzJ6s2LjAxkue2V+IeSE6dKUweydbI/hjan+YNNvz2JyiRQ/PJxq/pH68Z/6ZLWn48Fs3ZcHdy88DPHi7PFWw48c+39iD2DzeLPJvCyOazdEbGnyzpOPfrV3oXvDNRSS8ffRvt5po6UP494pLr956Mh/lzSfn5y/H9Rmjownu8Vi/308+VXW9V/S/H3QLr9tzTd/2vxjyT187Uzi75i01J1XP79w5bXNKMRz0QX+/+m5PUFlb9bnJ09dzBiU/LS4vfrbnDn+bx8Gv/+fc37/874b03cExHpTnxvRNwXEfdn2+6BiHgwIva1if+H5x96q038fd3+kR2hOtr++Xao7gi1PWKpxMDp779tVXlnx7/DldT+7J1Ojn+dNrDLdQYAAABrSiEitkVSGKulC4Wxser/4d8VWwql6ZnZx05Mv3P2ePUZgZEYKuR3uoazfGT3P0eq+crV90TlNeJidr/0UHbf+NOB/1fyY5PTpeP9Dh42uK0t+n/qj4F+tw5Ydj2YRwPWqHb9/4sjK9gQYMV1f/43coC1bole7AcbYB1zFoeNq1n/v9iHdgArr/X5f8rQANa5Wif/pIPCdY97NT68Caw9TvKwcS3d/19Zrt+/Avqn86f4V0siSRa8E19GtP9U0v82d5H4aHU0o3UiCquiGV0niqujGTeRGOz4Vy3Oly8WS6Vfv7mVSvt9ZAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiNfwMAAP//oefi4g==") bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100000100000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='ext4_allocate_blocks\x00', r0}, 0x10) mkdir(&(0x7f00000002c0)='./bus\x00', 0x0) 0s ago: executing program 2: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f00000001c0), &(0x7f0000000200)=0x4) kernel console output (not intermixed with test programs): 5fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 scanned by syz-executor.4 (6569) [ 246.233143][ T6569] BTRFS info (device loop4): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 246.249201][ T26] audit: type=1800 audit(1717805716.050:179): pid=6599 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1958 res=0 errno=0 [ 246.265285][ T6569] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm [ 246.334808][ T3649] usb 1-1: USB disconnect, device number 13 [ 246.366505][ T6569] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 246.401324][ T6569] BTRFS info (device loop4): use zstd compression, level 3 [ 246.427040][ T6569] BTRFS info (device loop4): using free space tree [ 246.516238][ T6603] loop2: detected capacity change from 0 to 4096 [ 246.579793][ T6569] BTRFS info (device loop4): enabling ssd optimizations [ 246.703222][ T6569] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_LZO (0x8) [ 246.832028][ T3571] BTRFS info (device loop4): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 248.156837][ T3614] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 248.163983][ T6640] loop0: detected capacity change from 0 to 2048 [ 248.236279][ T6640] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 248.254378][ T6640] ext4 filesystem being mounted at /root/syzkaller-testdir2028247218/syzkaller.DVPshy/11/file0 supports timestamps until 2038 (0x7fffffff) [ 248.406409][ T3614] usb 3-1: Using ep0 maxpacket: 8 [ 248.446477][ T6627] loop1: detected capacity change from 0 to 32768 [ 248.461896][ T6627] BTRFS: device fsid 3a492a15-ac49-4ce6-945e-cef7a687c6c9 devid 1 transid 8 /dev/loop1 scanned by syz-executor.1 (6627) [ 248.495292][ T6627] BTRFS info (device loop1): first mount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9 [ 248.517380][ T6115] EXT4-fs (loop0): unmounting filesystem. [ 248.531055][ T6627] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 248.560802][ T3614] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 248.575831][ T3614] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 248.588118][ T6627] BTRFS info (device loop1): using free space tree [ 248.599279][ T3614] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 248.611806][ T3614] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 248.624069][ T3614] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 248.638101][ T3614] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 248.647629][ T3614] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 248.672681][ T6630] loop3: detected capacity change from 0 to 32768 [ 248.793140][ T6627] BTRFS info (device loop1): enabling ssd optimizations [ 248.827117][ T26] audit: type=1800 audit(1717805718.620:180): pid=6627 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="loop1" ino=260 res=0 errno=0 [ 248.880837][ T26] audit: type=1804 audit(1717805718.670:181): pid=6627 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1407217344/syzkaller.v24REp/28/file0/file1" dev="loop1" ino=260 res=1 errno=0 [ 248.919482][ T3614] usb 3-1: usb_control_msg returned -32 [ 248.925159][ T3614] usbtmc 3-1:16.0: can't read capabilities [ 249.003153][ T6072] BTRFS info (device loop1): last unmount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9 [ 249.716562][ T3614] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 249.824691][ T6669] loop4: detected capacity change from 0 to 32768 [ 250.091340][ T6678] loop0: detected capacity change from 0 to 40427 [ 250.092476][ T6694] loop4: detected capacity change from 0 to 512 [ 250.107148][ T3614] usb 4-1: config 0 has no interfaces? [ 250.112974][ T6678] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 250.123389][ T6678] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 250.149341][ T6678] F2FS-fs (loop0): invalid crc value [ 250.168767][ T6694] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 250.184881][ T6678] F2FS-fs (loop0): Found nat_bits in checkpoint [ 250.201806][ T6694] ext4 filesystem being mounted at /root/syzkaller-testdir2784063830/syzkaller.H9CEXA/216/file0 supports timestamps until 2038 (0x7fffffff) [ 250.216658][ T3614] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 250.229751][ T3614] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 250.238060][ T3614] usb 4-1: SerialNumber: syz [ 250.244854][ T3614] usb 4-1: config 0 descriptor?? [ 250.292944][ T6694] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 3: comm syz-executor.4: path /root/syzkaller-testdir2784063830/syzkaller.H9CEXA/216/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0 [ 250.304501][ T152] usb 3-1: USB disconnect, device number 8 [ 250.330528][ T6678] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 250.339154][ T6678] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 250.429597][ T3571] EXT4-fs (loop4): unmounting filesystem. [ 250.564953][ T6638] usb 4-1: USB disconnect, device number 16 [ 250.630606][ T1106] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 250.676785][ T1106] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 250.760400][ T26] audit: type=1800 audit(1717805720.560:182): pid=6710 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1956 res=0 errno=0 [ 250.795418][ T6710] input: syz0 as /devices/virtual/input/input14 [ 251.250548][ T6708] loop2: detected capacity change from 0 to 32768 [ 251.279512][ T6708] BTRFS: device fsid 3a492a15-ac49-4ce6-945e-cef7a687c6c9 devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (6708) [ 251.326563][ T6708] BTRFS info (device loop2): first mount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9 [ 251.350597][ T6708] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 251.372272][ T6708] BTRFS info (device loop2): using free space tree [ 251.530633][ T6708] BTRFS info (device loop2): enabling ssd optimizations [ 251.587553][ T26] audit: type=1800 audit(1717805721.390:183): pid=6708 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file1" dev="loop2" ino=260 res=0 errno=0 [ 251.699512][ T26] audit: type=1804 audit(1717805721.420:184): pid=6708 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2822852477/syzkaller.ZqIFut/4/file0/file1" dev="loop2" ino=260 res=1 errno=0 [ 251.768128][ T6423] BTRFS info (device loop2): last unmount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9 [ 252.013760][ T6717] loop1: detected capacity change from 0 to 40427 [ 252.036218][ T6717] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 252.044198][ T6717] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 252.061542][ T6717] F2FS-fs (loop1): Found nat_bits in checkpoint [ 252.128876][ T6717] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 252.136074][ T6717] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 252.634767][ T6768] vivid-000: disconnect [ 252.655265][ T6767] vivid-000: reconnect [ 253.087807][ T6638] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 253.227800][ T6751] loop0: detected capacity change from 0 to 40427 [ 253.262067][ T6751] F2FS-fs (loop0): invalid crc value [ 253.305923][ T6760] loop3: detected capacity change from 0 to 40427 [ 253.314256][ T6760] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 253.323248][ T6760] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 253.334445][ T6751] F2FS-fs (loop0): Found nat_bits in checkpoint [ 253.336462][ T6638] usb 3-1: Using ep0 maxpacket: 32 [ 253.360281][ T6760] F2FS-fs (loop3): invalid crc value [ 253.390500][ T6760] F2FS-fs (loop3): Found nat_bits in checkpoint [ 253.421921][ T6751] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0 [ 253.453872][ T6751] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 253.493398][ T6760] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 253.512440][ T6760] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 253.526416][ T6751] syz-executor.0: attempt to access beyond end of device [ 253.526416][ T6751] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 253.615965][ T34] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 253.630893][ T6638] usb 3-1: New USB device found, idVendor=2c7c, idProduct=0121, bcdDevice=76.da [ 253.646746][ T6638] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 253.654797][ T6638] usb 3-1: Product: syz [ 253.661041][ T34] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 253.686499][ T6638] usb 3-1: Manufacturer: syz [ 253.691212][ T6638] usb 3-1: SerialNumber: syz [ 253.717207][ T6638] usb 3-1: config 0 descriptor?? [ 253.866413][ T152] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 253.911915][ T6774] loop1: detected capacity change from 0 to 32768 [ 253.937382][ T6774] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor.1 (6774) [ 253.973381][ T3614] usb 3-1: USB disconnect, device number 9 [ 253.983119][ T6774] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 253.984811][ T6788] loop0: detected capacity change from 0 to 1024 [ 254.015518][ T6774] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 254.041507][ T6774] BTRFS info (device loop1): doing ref verification [ 254.062735][ T6774] BTRFS info (device loop1): enabling ssd optimizations [ 254.070295][ T6788] hfsplus: b-tree write err: -5, ino 3 [ 254.086229][ T6774] BTRFS info (device loop1): turning on sync discard [ 254.111350][ T6774] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 254.121338][ T3761] hfsplus: b-tree write err: -5, ino 3 [ 254.126958][ T152] usb 5-1: Using ep0 maxpacket: 8 [ 254.138975][ T6774] BTRFS info (device loop1): use zstd compression, level 3 [ 254.150584][ T6774] BTRFS warning (device loop1): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 254.174583][ T6774] BTRFS info (device loop1): trying to use backup root at mount time [ 254.186756][ T6774] BTRFS info (device loop1): using free space tree [ 254.246904][ T152] usb 5-1: config 179 has an invalid interface number: 65 but max is 0 [ 254.264345][ T152] usb 5-1: config 179 has no interface number 0 [ 254.279949][ T152] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 64, changing to 10 [ 254.304569][ T152] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 1029, setting to 1024 [ 254.320224][ T6807] 9pnet_fd: Insufficient options for proto=fd [ 254.343895][ T152] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 254.377774][ T152] usb 5-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 254.395981][ T6800] loop3: detected capacity change from 0 to 4096 [ 254.417781][ T152] usb 5-1: config 179 interface 65 has no altsetting 0 [ 254.424820][ T152] usb 5-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 254.443978][ T152] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 254.476841][ T6786] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 254.722704][ T152] usb 5-1: USB disconnect, device number 10 [ 254.822483][ T6821] loop2: detected capacity change from 0 to 8 [ 254.877023][ T6072] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 254.980865][ T3581] Bluetooth: hci5: sending frame failed (-49) [ 255.007009][ T3582] Bluetooth: hci5: Opcode 0x1003 failed: -49 [ 255.345866][ T6829] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. [ 255.520390][ T6838] loop0: detected capacity change from 0 to 1024 [ 255.582571][ T6838] overlayfs: filesystem on './file0' not supported [ 255.599547][ T1253] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.605918][ T1253] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.703379][ T102] hfsplus: b-tree write err: -5, ino 4 [ 256.519447][ T6831] loop4: detected capacity change from 0 to 40427 [ 256.555051][ T6831] F2FS-fs (loop4): invalid crc value [ 256.614954][ T6831] F2FS-fs (loop4): Found nat_bits in checkpoint [ 256.735297][ T6858] bond0: (slave bond_slave_1): Releasing backup interface [ 256.795299][ T6831] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 256.832784][ T6849] loop3: detected capacity change from 0 to 32768 [ 256.839431][ T6861] xt_CT: You must specify a L4 protocol and not use inversions on it [ 256.862785][ T6831] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 256.903524][ T6849] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz-executor.3 (6849) [ 256.946956][ T6831] syz-executor.4: attempt to access beyond end of device [ 256.946956][ T6831] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 256.975730][ T6849] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 257.007777][ T6849] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 257.061167][ T6849] BTRFS info (device loop3): doing ref verification [ 257.074889][ T6849] BTRFS info (device loop3): enabling ssd optimizations [ 257.106410][ T6849] BTRFS info (device loop3): turning on sync discard [ 257.121429][ T6849] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 257.159709][ T6849] BTRFS info (device loop3): use zstd compression, level 3 [ 257.182345][ T6849] BTRFS warning (device loop3): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 257.213276][ T6849] BTRFS info (device loop3): trying to use backup root at mount time [ 257.241067][ T26] audit: type=1800 audit(1717805727.040:185): pid=6845 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file1" dev="sda1" ino=1964 res=0 errno=0 [ 257.267607][ T6849] BTRFS info (device loop3): using free space tree [ 257.296434][ T26] audit: type=1804 audit(1717805727.070:186): pid=6845 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir2028247218/syzkaller.DVPshy/27/file1" dev="sda1" ino=1964 res=1 errno=0 [ 257.367665][ T3613] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 257.626391][ T3613] usb 2-1: Using ep0 maxpacket: 8 [ 257.765819][ T3613] usb 2-1: config 179 has an invalid interface number: 65 but max is 0 [ 257.794539][ T6064] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 257.795054][ T3613] usb 2-1: config 179 has no interface number 0 [ 257.818262][ T3613] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 64, changing to 10 [ 257.834931][ T3613] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 1029, setting to 1024 [ 257.854066][ T3613] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 257.864628][ T3613] usb 2-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 257.884465][ T3613] usb 2-1: config 179 interface 65 has no altsetting 0 [ 257.891996][ T3613] usb 2-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 257.907596][ T3613] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 257.946929][ T6864] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 258.202476][ T3613] usb 2-1: USB disconnect, device number 12 [ 258.350925][ T6895] vivid-000: disconnect [ 258.360382][ T6894] vivid-000: reconnect [ 258.776622][ T3613] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 258.924231][ T6910] netlink: 'syz-executor.1': attribute type 11 has an invalid length. [ 259.126571][ T6913] bond0: (slave bond_slave_1): Releasing backup interface [ 259.286570][ T3613] usb 3-1: config 1 interface 0 altsetting 8 endpoint 0x1 has invalid wMaxPacketSize 0 [ 259.304572][ T3613] usb 3-1: config 1 interface 0 altsetting 8 bulk endpoint 0x1 has invalid maxpacket 0 [ 259.329368][ T6920] process 'syz-executor.1' launched './file0' with NULL argv: empty string added [ 259.341043][ T3613] usb 3-1: config 1 interface 0 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 259.377844][ T3613] usb 3-1: config 1 interface 0 has no altsetting 0 [ 259.556650][ T3613] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 259.565857][ T3613] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 259.594753][ T3613] usb 3-1: Product: syz [ 259.599140][ T3613] usb 3-1: Manufacturer: syz [ 259.603775][ T3613] usb 3-1: SerialNumber: syz [ 259.714040][ T6927] EXT4-fs warning (device sda1): __ext4_ioctl:1246: Setting inode version is not supported with metadata_csum enabled. [ 259.933130][ T4435] usb 3-1: USB disconnect, device number 10 [ 259.997746][ T6931] loop4: detected capacity change from 0 to 2048 [ 260.047394][ T6931] loop4: p3 < > p4 < > [ 260.051761][ T6931] loop4: partition table partially beyond EOD, truncated [ 260.065777][ T6931] loop4: p3 start 4284289 is beyond EOD, truncated [ 260.220079][ T6929] loop4: detected capacity change from 0 to 512 [ 260.244173][ T6929] EXT4-fs (loop4): can't mount with data=, fs mounted w/o journal [ 260.666740][ T4435] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 260.690825][ T6947] bond0: (slave bond_slave_1): Releasing backup interface [ 260.958650][ T4435] usb 4-1: Using ep0 maxpacket: 8 [ 261.031144][ T6959] loop2: detected capacity change from 0 to 128 [ 261.064626][ T6959] VFS: Found a Xenix FS (block size = 512) on device loop2 [ 261.093665][ T6959] sysv_free_block: trying to free block not in datazone [ 261.106926][ T4435] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 261.116087][ T4435] usb 4-1: config 179 has no interface number 0 [ 261.136975][ T4435] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 64, changing to 10 [ 261.163195][ T4435] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 1029, setting to 1024 [ 261.186371][ T4435] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 261.208000][ T4435] usb 4-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 261.222546][ T6423] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 261.244744][ T4435] usb 4-1: config 179 interface 65 has no altsetting 0 [ 261.252850][ T4435] usb 4-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 261.262412][ T4435] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 261.298226][ T6939] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 261.548705][ T6638] usb 4-1: USB disconnect, device number 17 [ 261.915545][ T6991] loop1: detected capacity change from 0 to 4096 [ 262.159254][ T6998] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 262.436038][ T7009] loop4: detected capacity change from 0 to 1024 [ 262.505023][ T7009] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 262.626038][ T7021] loop1: detected capacity change from 0 to 1024 [ 262.677700][ T7009] EXT4-fs (loop4): Online defrag not supported with bigalloc [ 262.701060][ T7021] hfsplus: bad catalog entry type [ 262.810948][ T102] hfsplus: b-tree write err: -5, ino 4 [ 262.813210][ T3571] EXT4-fs (loop4): unmounting filesystem. [ 262.888774][ T7027] xt_CT: You must specify a L4 protocol and not use inversions on it [ 264.123915][ T7046] loop2: detected capacity change from 0 to 4096 [ 264.194413][ T7051] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 264.462578][ T7055] loop3: detected capacity change from 0 to 1024 [ 264.530121][ T7055] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 264.593031][ T7035] loop4: detected capacity change from 0 to 40427 [ 264.598816][ T7055] EXT4-fs (loop3): Online defrag not supported with bigalloc [ 264.604041][ T7035] F2FS-fs (loop4): Invalid Fs Meta Ino: node(1) meta(2) root(0) [ 264.623999][ T7035] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 264.637159][ T7035] F2FS-fs (loop4): invalid crc value [ 264.715135][ T6064] EXT4-fs (loop3): unmounting filesystem. [ 264.722557][ T7035] F2FS-fs (loop4): Found nat_bits in checkpoint [ 264.898080][ T7035] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 264.923861][ T7035] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 265.095837][ T3571] syz-executor.4: attempt to access beyond end of device [ 265.095837][ T3571] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 265.356581][ T6638] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 265.597230][ T6638] usb 3-1: Using ep0 maxpacket: 8 [ 265.626102][ T7090] xt_CT: You must specify a L4 protocol and not use inversions on it [ 265.716850][ T6638] usb 3-1: config 135 has an invalid interface number: 230 but max is 0 [ 265.731168][ T6638] usb 3-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 265.757550][ T7082] loop1: detected capacity change from 0 to 32768 [ 265.772121][ T6638] usb 3-1: config 135 has no interface number 0 [ 265.784206][ T6638] usb 3-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 265.797909][ T7082] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz-executor.1 (7082) [ 265.816207][ T7092] loop4: detected capacity change from 0 to 4096 [ 265.844093][ T7093] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 265.844383][ T7082] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 265.911931][ T7082] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 265.927255][ T7082] BTRFS info (device loop1): use zlib compression, level 3 [ 265.934538][ T7082] BTRFS info (device loop1): using free space tree [ 265.976700][ T6638] usb 3-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 265.985810][ T6638] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 266.012473][ T6638] usb 3-1: Product: syz [ 266.028322][ T6638] usb 3-1: Manufacturer: syz [ 266.032989][ T6638] usb 3-1: SerialNumber: syz [ 266.090979][ T6638] usb 3-1: Found UVC 0.00 device syz (18ec:3288) [ 266.099049][ T6638] usb 3-1: No valid video chain found. [ 266.136486][ T7082] BTRFS info (device loop1): enabling ssd optimizations [ 266.191455][ T7089] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 266.299785][ T6638] usb 3-1: USB disconnect, device number 11 [ 266.338289][ T7116] loop3: detected capacity change from 0 to 1024 [ 266.340753][ T6072] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 266.372417][ T7116] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 266.424569][ T7116] EXT4-fs (loop3): Online defrag not supported with bigalloc [ 266.669341][ T6064] EXT4-fs (loop3): unmounting filesystem. [ 266.733604][ T7122] netlink: 66 bytes leftover after parsing attributes in process `syz-executor.3'. [ 266.951000][ T7132] loop4: detected capacity change from 0 to 1024 [ 267.564755][ T7156] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 267.589271][ T7158] loop1: detected capacity change from 0 to 512 [ 267.589508][ T7156] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 267.629918][ T7158] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 267.632284][ T7156] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 267.683084][ T7158] EXT4-fs (loop1): 1 truncate cleaned up [ 267.696122][ T7158] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 267.935417][ T6072] EXT4-fs (loop1): unmounting filesystem. [ 267.948327][ T7137] loop3: detected capacity change from 0 to 32768 [ 268.031221][ T7137] XFS (loop3): Mounting V5 Filesystem [ 268.187934][ T7137] XFS (loop3): Ending clean mount [ 268.205024][ T7137] XFS (loop3): Quotacheck needed: Please wait. [ 268.304826][ T7186] loop1: detected capacity change from 0 to 4096 [ 268.369378][ T7137] XFS (loop3): Quotacheck: Done. [ 268.386038][ T7186] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 268.397633][ T7186] UDF-fs: Scanning with blocksize 512 failed [ 268.422947][ T7186] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found! [ 268.471674][ T6064] XFS (loop3): Unmounting Filesystem [ 268.478568][ T7186] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 269.088490][ T7200] loop1: detected capacity change from 0 to 4096 [ 269.138156][ T7200] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512) [ 269.160652][ T7202] loop3: detected capacity change from 0 to 4096 [ 269.210117][ T7200] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 269.225667][ T7203] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 269.258446][ T7166] loop4: detected capacity change from 0 to 32768 [ 269.404540][ T7207] loop2: detected capacity change from 0 to 512 [ 269.446523][ T7207] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 269.449649][ T6072] ntfs3: loop1: ntfs_evict_inode r=5 failed, -22. [ 269.454976][ T7207] EXT4-fs (loop2): 1 truncate cleaned up [ 269.467737][ T7207] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 269.525287][ T7212] loop1: detected capacity change from 0 to 1024 [ 269.691374][ T6423] EXT4-fs (loop2): unmounting filesystem. [ 270.230782][ T7227] loop3: detected capacity change from 0 to 2048 [ 270.284351][ T7227] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 270.383244][ T3761] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 270.402226][ T3761] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 270.419082][ T3761] EXT4-fs (loop3): This should not happen!! Data will be lost [ 270.419082][ T3761] [ 270.431039][ T3761] EXT4-fs (loop3): Total free blocks count 0 [ 270.437439][ T3761] EXT4-fs (loop3): Free/Dirty block details [ 270.443679][ T3761] EXT4-fs (loop3): free_blocks=2415919104 [ 270.449760][ T3761] EXT4-fs (loop3): dirty_blocks=16 [ 270.455132][ T3761] EXT4-fs (loop3): Block reservation details [ 270.461424][ T3761] EXT4-fs (loop3): i_reserved_data_blocks=1 [ 270.474061][ T6064] EXT4-fs (loop3): unmounting filesystem. [ 271.020349][ T7217] loop2: detected capacity change from 0 to 32768 [ 271.086832][ T7217] *** Log Format Error ! *** [ 271.092592][ T7217] lmLogInit: exit(-22) [ 271.125203][ T7217] lmLogOpen: exit(-22) [ 271.136599][ T7217] jfs_mount_rw failed, return code = -22 [ 271.261682][ T4435] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 271.516388][ T4435] usb 5-1: Using ep0 maxpacket: 16 [ 271.621894][ T26] audit: type=1326 audit(1717805741.420:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7263 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14cbc7cf69 code=0x7ffc0000 [ 271.681000][ T26] audit: type=1326 audit(1717805741.420:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7263 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14cbc7cf69 code=0x7ffc0000 [ 271.754377][ T26] audit: type=1326 audit(1717805741.440:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7263 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=260 compat=0 ip=0x7f14cbc7cf69 code=0x7ffc0000 [ 271.822389][ T26] audit: type=1326 audit(1717805741.440:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7263 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14cbc7cf69 code=0x7ffc0000 [ 271.848696][ T4435] usb 5-1: New USB device found, idVendor=0403, idProduct=f850, bcdDevice=99.81 [ 271.861511][ T7266] loop2: detected capacity change from 0 to 1024 [ 271.877213][ T4435] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 271.908449][ T4435] usb 5-1: Product: syz [ 271.919569][ T4435] usb 5-1: Manufacturer: syz [ 271.938738][ T4435] usb 5-1: SerialNumber: syz [ 271.948226][ T26] audit: type=1326 audit(1717805741.440:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7263 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14cbc7cf69 code=0x7ffc0000 [ 271.979833][ T4435] usb 5-1: config 0 descriptor?? [ 272.043491][ T4435] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected [ 272.061833][ T4435] ftdi_sio ttyUSB0: unknown device type: 0x9981 [ 272.248042][ T4742] usb 5-1: USB disconnect, device number 11 [ 272.276380][ T4742] ftdi_sio 5-1:0.0: device disconnected [ 272.343915][ T7254] loop3: detected capacity change from 0 to 40427 [ 272.370961][ T7254] F2FS-fs (loop3): Invalid Fs Meta Ino: node(1) meta(2) root(0) [ 272.401202][ T7254] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 272.441901][ T7254] F2FS-fs (loop3): invalid crc value [ 272.491624][ T7254] F2FS-fs (loop3): Found nat_bits in checkpoint [ 272.518140][ T7262] loop1: detected capacity change from 0 to 32768 [ 272.537990][ T7262] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor.1 (7262) [ 272.579317][ T7262] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 272.594107][ T7262] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 272.620032][ T7262] BTRFS info (device loop1): force zlib compression, level 3 [ 272.630191][ T7254] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 272.640047][ T7254] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 272.655602][ T7262] BTRFS info (device loop1): enabling auto defrag [ 272.676740][ T7262] BTRFS warning (device loop1): the 'inode_cache' option is deprecated and has no effect since 5.11 [ 272.702115][ T7262] BTRFS info (device loop1): max_inline at 0 [ 272.708428][ T7262] BTRFS info (device loop1): turning on flush-on-commit [ 272.715686][ T7262] BTRFS error (device loop1): unrecognized mount option 'seclabel' [ 272.750079][ T7262] BTRFS error (device loop1): open_ctree failed [ 272.804779][ T6064] syz-executor.3: attempt to access beyond end of device [ 272.804779][ T6064] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 273.145455][ T7291] loop4: detected capacity change from 0 to 1024 [ 273.168432][ T7291] hfsplus: unable to parse mount options [ 274.380833][ T7306] Dead loop on virtual device ip6_vti0, fix it urgently! [ 274.995689][ T7291] loop4: detected capacity change from 0 to 32768 [ 275.049259][ T7291] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop4 scanned by syz-executor.4 (7291) [ 275.071205][ T7291] BTRFS info (device loop4): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 275.105355][ T7291] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 275.123072][ T7291] BTRFS info (device loop4): using free space tree [ 275.284554][ T7325] loop1: detected capacity change from 0 to 2048 [ 275.291288][ T7291] BTRFS info (device loop4): enabling ssd optimizations [ 275.311848][ T7325] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 275.370421][ T7345] device bond0 entered promiscuous mode [ 275.376470][ T7345] device bond_slave_0 entered promiscuous mode [ 275.387996][ T7346] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 275.391707][ T7325] syz-executor.1: attempt to access beyond end of device [ 275.391707][ T7325] loop1: rw=524288, sector=33554430, nr_sectors = 2 limit=2048 [ 275.506997][ T7311] loop2: detected capacity change from 0 to 32768 [ 275.583193][ T7311] XFS (loop2): Mounting V5 Filesystem [ 275.688017][ T7311] XFS (loop2): Ending clean mount [ 275.695540][ T7311] XFS (loop2): Quotacheck needed: Please wait. [ 275.729045][ T7291] BTRFS info (device loop4): balance: start -sprofiles=0xc00000000000000,usage=120574..0,devid=0,vrange=7526466502315570031..7310589519818090028,limit=3472328296227680318,limit=808464446..808464432 [ 275.789394][ T7291] BTRFS info (device loop4): balance: ended with status: 0 [ 275.821979][ T7311] XFS (loop2): Quotacheck: Done. [ 275.888455][ T3571] BTRFS info (device loop4): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 275.974539][ T6423] XFS (loop2): Unmounting Filesystem [ 276.092651][ T7364] xt_hashlimit: overflow, try lower: 3/0 [ 276.641059][ T26] audit: type=1326 audit(1717805746.440:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7370 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f01ea47cf69 code=0x0 [ 277.126731][ T4946] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 277.406491][ T4946] usb 3-1: Using ep0 maxpacket: 8 [ 277.536861][ T4946] usb 3-1: config index 0 descriptor too short (expected 5924, got 36) [ 277.545191][ T4946] usb 3-1: config 250 has an invalid interface number: 228 but max is -1 [ 277.586406][ T4946] usb 3-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 277.608708][ T4946] usb 3-1: config 250 has no interface number 0 [ 277.615057][ T4946] usb 3-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 277.660914][ T4946] usb 3-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 277.686367][ T4946] usb 3-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 26 [ 277.719674][ T4946] usb 3-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 277.757498][ T4946] usb 3-1: config 250 interface 228 has no altsetting 0 [ 277.761029][ T7378] loop3: detected capacity change from 0 to 32768 [ 277.794286][ T7378] *** Log Format Error ! *** [ 277.816806][ T7378] lmLogInit: exit(-22) [ 277.829968][ T7378] lmLogOpen: exit(-22) [ 277.834114][ T7378] jfs_mount_rw failed, return code = -22 [ 277.896587][ T4946] usb 3-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 277.912287][ T4946] usb 3-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 277.946622][ T4946] usb 3-1: Product: syz [ 277.955422][ T4946] usb 3-1: SerialNumber: syz [ 278.047437][ T4946] hub 3-1:250.228: bad descriptor, ignoring hub [ 278.053763][ T4946] hub: probe of 3-1:250.228 failed with error -5 [ 278.274319][ T4946] usblp 3-1:250.228: usblp0: USB Bidirectional printer dev 12 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 278.745135][ T4435] usb 3-1: USB disconnect, device number 12 [ 278.772161][ T4435] usblp0: removed [ 279.847321][ T7393] loop4: detected capacity change from 0 to 32768 [ 280.064704][ T7408] xt_hashlimit: overflow, try lower: 3/0 [ 280.336540][ T4946] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 280.977776][ T7423] loop3: detected capacity change from 0 to 2048 [ 280.988972][ T4946] usb 2-1: New USB device found, idVendor=1ae7, idProduct=9004, bcdDevice=c6.97 [ 281.006799][ T4946] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 281.023178][ T4946] usb 2-1: Product: syz [ 281.028395][ T7423] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 281.031178][ T4946] usb 2-1: Manufacturer: syz [ 281.058950][ T4946] usb 2-1: SerialNumber: syz [ 281.073418][ T4946] usb 2-1: config 0 descriptor?? [ 281.347140][ T3565] usb 2-1: USB disconnect, device number 13 [ 281.360878][ T26] audit: type=1804 audit(1717805751.160:193): pid=7431 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2822852477/syzkaller.ZqIFut/47/bus" dev="sda1" ino=1951 res=1 errno=0 [ 281.413201][ T26] audit: type=1804 audit(1717805751.190:194): pid=7431 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir2822852477/syzkaller.ZqIFut/47/bus" dev="sda1" ino=1951 res=1 errno=0 [ 281.461298][ T26] audit: type=1804 audit(1717805751.190:195): pid=7431 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2822852477/syzkaller.ZqIFut/47/bus" dev="sda1" ino=1951 res=1 errno=0 [ 281.686858][ T4946] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 281.725798][ T7435] loop2: detected capacity change from 0 to 2048 [ 281.773025][ T7435] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 281.907804][ T4640] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 281.946687][ T4946] usb 4-1: Using ep0 maxpacket: 32 [ 281.956534][ T4640] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 281.986622][ T4640] EXT4-fs (loop2): This should not happen!! Data will be lost [ 281.986622][ T4640] [ 282.006412][ T4640] EXT4-fs (loop2): Total free blocks count 0 [ 282.012495][ T4640] EXT4-fs (loop2): Free/Dirty block details [ 282.021755][ T4640] EXT4-fs (loop2): free_blocks=2415919104 [ 282.039050][ T4640] EXT4-fs (loop2): dirty_blocks=16 [ 282.044276][ T4640] EXT4-fs (loop2): Block reservation details [ 282.050393][ T4640] EXT4-fs (loop2): i_reserved_data_blocks=1 [ 282.068885][ T6423] EXT4-fs (loop2): unmounting filesystem. [ 282.106742][ T4946] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 282.130276][ T4946] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 282.178510][ T7444] loop1: detected capacity change from 0 to 256 [ 282.212752][ T7444] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x421408f7, utbl_chksum : 0xe619d30d) [ 282.252437][ T7444] exFAT-fs (loop1): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 282.281936][ T26] audit: type=1326 audit(1717805752.080:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7443 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fca92a7cf69 code=0x0 [ 282.362173][ T4946] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 282.375908][ T4946] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 282.401233][ T4946] usb 4-1: Product: syz [ 282.412391][ T4946] usb 4-1: Manufacturer: syz [ 282.423298][ T4946] usb 4-1: SerialNumber: syz [ 282.438740][ T4946] usb 4-1: config 0 descriptor?? [ 282.446494][ T3565] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 282.743512][ T7452] xt_hashlimit: overflow, try lower: 3/0 [ 282.766987][ T4946] usb 4-1: USB disconnect, device number 18 [ 282.855080][ T7448] loop2: detected capacity change from 0 to 32768 [ 282.884804][ T7448] XFS (loop2): Mounting V5 Filesystem [ 282.896403][ T3565] usb 5-1: Using ep0 maxpacket: 8 [ 282.932565][ T3582] Bluetooth: hci1: unexpected event 0x2f length: 763 > 260 [ 282.969199][ T7448] XFS (loop2): Ending clean mount [ 282.988047][ T6072] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000005) [ 282.998232][ T6072] exFAT-fs (loop1): Filesystem has been set read-only [ 283.007122][ T7448] XFS (loop2): Quotacheck needed: Please wait. [ 283.014403][ T6072] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000005) [ 283.024508][ T3565] usb 5-1: config 179 has an invalid interface number: 65 but max is 0 [ 283.035780][ T3565] usb 5-1: config 179 has no interface number 0 [ 283.043118][ T3565] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 64, changing to 10 [ 283.054840][ T3565] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 1029, setting to 1024 [ 283.074481][ T7448] XFS (loop2): Quotacheck: Done. [ 283.090941][ T3565] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 283.115006][ T3565] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 283.137857][ T3565] usb 5-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 283.151532][ T3565] usb 5-1: config 179 interface 65 has no altsetting 0 [ 283.158780][ T3565] usb 5-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 283.168182][ T3565] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 283.181277][ T6423] XFS (loop2): Unmounting Filesystem [ 283.215112][ T7446] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 283.322939][ T3565] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:179.65/input/input15 [ 283.458022][ T7] usb 5-1: USB disconnect, device number 12 [ 283.466400][ C0] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 283.479097][ T7] xpad 5-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 283.545085][ T34] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 283.553679][ T26] audit: type=1326 audit(1717805753.340:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7474 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14cbc7cf69 code=0x7ffc0000 [ 283.616209][ T26] audit: type=1326 audit(1717805753.380:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7474 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f14cbc7cf69 code=0x7ffc0000 [ 283.680938][ T26] audit: type=1326 audit(1717805753.380:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7474 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14cbc7cf69 code=0x7ffc0000 [ 283.689457][ T34] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 283.783141][ T26] audit: type=1326 audit(1717805753.380:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7474 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f14cbc7cf69 code=0x7ffc0000 [ 283.864744][ T26] audit: type=1326 audit(1717805753.380:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7474 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14cbc7cf69 code=0x7ffc0000 [ 283.898616][ T7484] trusted_key: encrypted_key: key user:syz not found [ 283.912828][ T34] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 283.951913][ T26] audit: type=1326 audit(1717805753.390:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7474 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f14cbc7cf69 code=0x7ffc0000 [ 284.003099][ T26] audit: type=1326 audit(1717805753.390:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7474 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14cbc7cf69 code=0x7ffc0000 [ 284.046257][ T26] audit: type=1326 audit(1717805753.390:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7474 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f14cbc7cf69 code=0x7ffc0000 [ 284.082404][ T26] audit: type=1326 audit(1717805753.390:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7474 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14cbc7cf69 code=0x7ffc0000 [ 284.085686][ T34] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 284.546398][ T154] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 284.589217][ T3581] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 284.602740][ T3581] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 284.612976][ T3581] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 284.621898][ T3581] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 284.632860][ T3581] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 284.640959][ T3581] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 284.806515][ T154] usb 5-1: Using ep0 maxpacket: 32 [ 284.861197][ T7477] loop3: detected capacity change from 0 to 32768 [ 284.914895][ T7477] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz-executor.3 (7477) [ 284.946656][ T154] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 284.981072][ T154] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 285.019782][ T7477] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 285.034760][ T7477] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 285.056963][ T7477] BTRFS info (device loop3): using free space tree [ 285.176617][ T154] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 285.185728][ T154] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 285.194014][ T154] usb 5-1: Product: syz [ 285.198729][ T154] usb 5-1: Manufacturer: syz [ 285.203408][ T154] usb 5-1: SerialNumber: syz [ 285.210287][ T154] usb 5-1: config 0 descriptor?? [ 285.230525][ T7477] BTRFS info (device loop3): enabling ssd optimizations [ 285.311554][ T7500] chnl_net:caif_netlink_parms(): no params data found [ 285.474884][ T3565] usb 5-1: USB disconnect, device number 13 [ 285.590477][ T34] device hsr_slave_0 left promiscuous mode [ 285.599052][ T34] device hsr_slave_1 left promiscuous mode [ 285.605895][ T34] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 285.614585][ T34] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 285.632074][ T34] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 285.643600][ T34] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 285.698974][ T6064] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 285.709963][ T34] device bridge_slave_1 left promiscuous mode [ 285.716199][ T34] bridge0: port 2(bridge_slave_1) entered disabled state [ 285.746530][ T34] device bridge_slave_0 left promiscuous mode [ 285.753012][ T34] bridge0: port 1(bridge_slave_0) entered disabled state [ 286.014021][ T34] device veth1_macvtap left promiscuous mode [ 286.067034][ T34] device veth0_macvtap left promiscuous mode [ 286.080331][ T34] device veth1_vlan left promiscuous mode [ 286.097716][ T34] device veth0_vlan left promiscuous mode [ 286.306595][ T4679] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 288.886565][ T34] team0 (unregistering): Port device team_slave_1 removed [ 288.955648][ T34] team0 (unregistering): Port device team_slave_0 removed [ 289.026740][ T34] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 289.081703][ T3581] Bluetooth: hci3: command tx timeout [ 289.156554][ T4679] usb 5-1: device descriptor read/all, error -71 [ 289.233640][ T7550] loop2: detected capacity change from 0 to 1024 [ 289.233821][ T3582] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 289.257208][ T3582] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 289.269686][ T3582] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 289.280539][ T3582] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 289.303485][ T3582] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 289.313845][ T3582] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 289.344029][ T34] bond0 (unregistering): Released all slaves [ 289.414686][ T7500] bridge0: port 1(bridge_slave_0) entered blocking state [ 289.424874][ T7500] bridge0: port 1(bridge_slave_0) entered disabled state [ 289.441946][ T7500] device bridge_slave_0 entered promiscuous mode [ 289.469500][ T7500] bridge0: port 2(bridge_slave_1) entered blocking state [ 289.484562][ T7500] bridge0: port 2(bridge_slave_1) entered disabled state [ 289.495634][ T7500] device bridge_slave_1 entered promiscuous mode [ 289.587958][ T7500] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 289.620277][ T7500] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 289.751290][ T7500] team0: Port device team_slave_0 added [ 289.793073][ T7500] team0: Port device team_slave_1 added [ 289.861160][ T7500] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 289.875330][ T7500] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 289.907458][ T7500] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 289.935773][ T7500] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 289.945383][ T7500] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 289.976627][ T7500] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 290.056552][ T4679] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 290.081173][ T7500] device hsr_slave_0 entered promiscuous mode [ 290.105805][ T7500] device hsr_slave_1 entered promiscuous mode [ 290.131197][ T7500] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 290.150305][ T7500] Cannot create hsr debugfs directory [ 290.462519][ T7551] chnl_net:caif_netlink_parms(): no params data found [ 290.700594][ T6638] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 290.763684][ T4679] usb 5-1: Using ep0 maxpacket: 16 [ 291.113158][ T7551] bridge0: port 1(bridge_slave_0) entered blocking state [ 291.127018][ T7551] bridge0: port 1(bridge_slave_0) entered disabled state [ 291.155343][ T7551] device bridge_slave_0 entered promiscuous mode [ 291.166895][ T6638] usb 3-1: Using ep0 maxpacket: 8 [ 291.196881][ T7551] bridge0: port 2(bridge_slave_1) entered blocking state [ 291.207026][ T4679] usb 5-1: New USB device found, idVendor=0403, idProduct=f850, bcdDevice=99.81 [ 291.223588][ T4679] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 291.241953][ T7551] bridge0: port 2(bridge_slave_1) entered disabled state [ 291.259401][ T4679] usb 5-1: Product: syz [ 291.275527][ T4679] usb 5-1: Manufacturer: syz [ 291.280764][ T7551] device bridge_slave_1 entered promiscuous mode [ 291.296646][ T6638] usb 3-1: config 179 has an invalid interface number: 65 but max is 0 [ 291.306262][ T6638] usb 3-1: config 179 has no interface number 0 [ 291.307386][ T4679] usb 5-1: SerialNumber: syz [ 291.323195][ T6638] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 64, changing to 10 [ 291.325878][ T3582] Bluetooth: hci3: command tx timeout [ 291.356442][ T3582] Bluetooth: hci2: command tx timeout [ 291.390032][ T6638] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 1029, setting to 1024 [ 291.403798][ T4679] usb 5-1: config 0 descriptor?? [ 291.409129][ T6638] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 291.421001][ T6638] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 291.433278][ T6638] usb 3-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 291.449758][ T4679] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected [ 291.452017][ T7551] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 291.457627][ T6638] usb 3-1: config 179 interface 65 has no altsetting 0 [ 291.457669][ T6638] usb 3-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 291.457695][ T6638] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 291.459274][ T4679] ftdi_sio ttyUSB0: unknown device type: 0x9981 [ 291.521576][ T7569] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 291.545572][ T7551] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 291.562133][ T6638] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:179.65/input/input16 [ 291.809332][ T154] usb 5-1: USB disconnect, device number 15 [ 291.821099][ T154] ftdi_sio 5-1:0.0: device disconnected [ 291.822301][ T7551] team0: Port device team_slave_0 added [ 291.860886][ T4742] usb 3-1: USB disconnect, device number 13 [ 291.876491][ T4742] xpad 3-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 293.504953][ T3582] Bluetooth: hci3: command tx timeout [ 293.510604][ T3582] Bluetooth: hci2: command tx timeout [ 294.524536][ T7551] team0: Port device team_slave_1 added [ 295.480191][ T7586] loop4: detected capacity change from 0 to 8 [ 295.523341][ T7586] SQUASHFS error: Failed to read block 0x1ea: -5 [ 295.531238][ T7586] unable to read xattr id index table [ 295.596562][ T3582] Bluetooth: hci3: command tx timeout [ 295.602178][ T3581] Bluetooth: hci2: command tx timeout [ 295.604406][ T7551] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 295.626635][ T7551] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 295.655440][ T7551] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 295.713969][ T7551] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 295.726841][ T7551] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 295.765774][ T26] audit: type=1326 audit(1717805765.560:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7594 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f01ea47cf69 code=0x0 [ 295.806414][ T7551] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 296.475530][ T7602] loop0: detected capacity change from 0 to 7 [ 296.596707][ T7500] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 296.725371][ T7551] device hsr_slave_0 entered promiscuous mode [ 296.745040][ T7551] device hsr_slave_1 entered promiscuous mode [ 296.770432][ T7551] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 296.796108][ T7551] Cannot create hsr debugfs directory [ 296.819828][ T7500] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 296.911189][ T7500] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 296.973667][ T7500] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 296.991048][ T7602] Dev loop0: unable to read RDB block 7 [ 297.009874][ T7602] loop0: unable to read partition table [ 297.039247][ T7602] loop0: partition table beyond EOD, truncated [ 297.066484][ T7602] loop_reread_partitions: partition scan of loop0 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨â·û [ 297.066484][ T7602] ) failed (rc=-5) [ 297.491846][ T7551] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 297.541116][ T7500] 8021q: adding VLAN 0 to HW filter on device bond0 [ 297.624808][ T7551] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 297.671785][ T7500] 8021q: adding VLAN 0 to HW filter on device team0 [ 297.678552][ T3582] Bluetooth: hci2: command tx timeout [ 297.693212][ T4946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 297.703769][ T4946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 297.746166][ T7551] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 297.790842][ T7615] loop4: detected capacity change from 0 to 2048 [ 297.831103][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 297.834122][ T7615] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 297.844020][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 297.875039][ T4435] bridge0: port 1(bridge_slave_0) entered blocking state [ 297.882330][ T4435] bridge0: port 1(bridge_slave_0) entered forwarding state [ 297.896110][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 297.905954][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 297.914760][ T4435] bridge0: port 2(bridge_slave_1) entered blocking state [ 297.921992][ T4435] bridge0: port 2(bridge_slave_1) entered forwarding state [ 297.936672][ T26] audit: type=1800 audit(1717805767.730:207): pid=7615 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=1367 res=0 errno=0 [ 297.965832][ T7551] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 297.997745][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 298.005993][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 298.049992][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 298.147193][ T6638] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 298.169576][ T6638] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 298.219775][ T6638] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 298.229691][ T6638] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 298.243342][ T6638] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 298.255131][ T6638] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 298.267030][ T6638] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 298.286449][ T4679] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 298.295197][ T4679] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 298.314344][ T7500] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 298.644545][ T7551] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 298.715660][ T7551] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 298.754290][ T7551] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 298.914171][ T7551] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 299.112953][ T7625] loop4: detected capacity change from 0 to 1024 [ 299.873163][ T7551] 8021q: adding VLAN 0 to HW filter on device bond0 [ 299.891621][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 299.916833][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 299.931518][ T7500] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 299.967418][ T7551] 8021q: adding VLAN 0 to HW filter on device team0 [ 299.977798][ T4679] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 299.992871][ T4679] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 300.007240][ T7635] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 300.052247][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 300.077514][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 300.086070][ T4435] bridge0: port 1(bridge_slave_0) entered blocking state [ 300.093232][ T4435] bridge0: port 1(bridge_slave_0) entered forwarding state [ 300.117314][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 300.205999][ T7637] team0: Port device bridge2 added [ 300.217737][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 300.237138][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 300.267098][ T3649] bridge0: port 2(bridge_slave_1) entered blocking state [ 300.274258][ T3649] bridge0: port 2(bridge_slave_1) entered forwarding state [ 300.296775][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 300.305860][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 300.376395][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 300.399225][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 300.434761][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 300.458617][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 300.487255][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 300.496254][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 300.507288][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 300.515934][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 300.551433][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 300.580766][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 300.601168][ T7644] loop0: detected capacity change from 0 to 7 [ 300.611776][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 300.625245][ T7644] Dev loop0: unable to read RDB block 7 [ 300.633967][ T7551] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 300.646638][ T7644] loop0: AHDI p3 p4 [ 300.650622][ T7644] loop0: partition table partially beyond EOD, truncated [ 300.676486][ T7644] loop0: p3 start 6514546 is beyond EOD, truncated [ 300.696111][ T4682] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 300.718564][ T4682] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 300.741768][ T7500] device veth0_vlan entered promiscuous mode [ 300.802991][ T7500] device veth1_vlan entered promiscuous mode [ 300.841745][ T4679] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 300.851072][ T4679] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 300.883551][ T4679] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 300.965106][ T4679] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 300.978495][ T4679] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 300.993831][ T4679] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 301.024100][ T7500] device veth0_macvtap entered promiscuous mode [ 301.091187][ T7500] device veth1_macvtap entered promiscuous mode [ 301.166121][ T7647] loop4: detected capacity change from 0 to 4096 [ 301.191273][ T7500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 301.240919][ T7500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 301.288322][ T7500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 301.315670][ T7500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 301.376460][ T26] audit: type=1800 audit(1717805771.170:208): pid=7647 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=34 res=0 errno=0 [ 301.404434][ T7500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 301.450922][ T7500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 301.527949][ T7500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 301.538594][ T7500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 301.550460][ T7500] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 301.571343][ T7500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 302.923800][ T7500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 302.945596][ T7500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 302.998047][ T7500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 303.013819][ T7500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 303.027532][ T7500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 303.044579][ T7500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 303.060264][ T7500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 303.080341][ T7500] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 303.116813][ T4679] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 303.125162][ T4679] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 303.157171][ T4679] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 303.166226][ T4679] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 303.187347][ T4679] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 303.200467][ T4679] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 303.227747][ T7500] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 303.254160][ T7500] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 303.273498][ T7500] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 303.293151][ T7500] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 303.315349][ T7663] ALSA: seq fatal error: cannot create timer (-22) [ 303.546997][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 303.555154][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 303.569961][ T7551] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 304.858919][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 304.879192][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 304.957429][ T5263] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 304.965830][ T5263] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 305.064404][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 305.082749][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 305.097479][ T7672] loop4: detected capacity change from 0 to 128 [ 305.153076][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 305.165761][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 305.213301][ T3582] Bluetooth: hci3: unexpected event 0x2f length: 763 > 260 [ 305.217934][ T34] device hsr_slave_0 left promiscuous mode [ 305.247499][ T26] audit: type=1804 audit(1717805775.040:209): pid=7672 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2784063830/syzkaller.H9CEXA/274/file1/file1" dev="loop4" ino=1048688 res=1 errno=0 [ 305.274402][ T34] device hsr_slave_1 left promiscuous mode [ 305.314835][ T34] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 305.331775][ T34] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 305.359394][ T34] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 305.391572][ T34] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 305.392074][ T7679] loop1: detected capacity change from 0 to 1024 [ 305.498501][ T34] device bridge_slave_1 left promiscuous mode [ 305.504898][ T34] bridge0: port 2(bridge_slave_1) entered disabled state [ 305.516121][ T26] audit: type=1804 audit(1717805775.320:210): pid=7682 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2784063830/syzkaller.H9CEXA/275/bus" dev="sda1" ino=1960 res=1 errno=0 [ 305.565418][ T1106] hfsplus: b-tree write err: -5, ino 4 [ 305.577332][ T34] device bridge_slave_0 left promiscuous mode [ 305.585760][ T34] bridge0: port 1(bridge_slave_0) entered disabled state [ 305.606422][ T26] audit: type=1804 audit(1717805775.320:211): pid=7682 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir2784063830/syzkaller.H9CEXA/275/bus" dev="sda1" ino=1960 res=1 errno=0 [ 305.654776][ T34] device veth1_macvtap left promiscuous mode [ 305.663606][ T34] device veth0_macvtap left promiscuous mode [ 305.673080][ T34] device veth1_vlan left promiscuous mode [ 305.690009][ T34] device veth0_vlan left promiscuous mode [ 305.808633][ T7688] loop2: detected capacity change from 0 to 256 [ 305.858093][ T7688] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 306.185079][ T34] team0 (unregistering): Port device team_slave_1 removed [ 306.374693][ T7702] loop2: detected capacity change from 0 to 1024 [ 306.485926][ T7685] Falling back ldisc for ptm0. [ 307.105464][ T34] team0 (unregistering): Port device team_slave_0 removed [ 307.170447][ T34] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 307.200888][ T7707] loop1: detected capacity change from 0 to 128 [ 307.260867][ T7707] ext4: Bad value for 'auto_da_alloc' [ 307.457462][ T34] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 308.746520][ T34] bond0 (unregistering): Released all slaves [ 308.844320][ T3582] Bluetooth: hci1: unexpected event 0x2f length: 763 > 260 [ 308.921058][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 308.956661][ T4946] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 308.971728][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 308.989278][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 309.005003][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 309.039065][ T7551] device veth0_vlan entered promiscuous mode [ 309.081176][ T7551] device veth1_vlan entered promiscuous mode [ 309.094004][ T7721] loop2: detected capacity change from 0 to 64 [ 309.155072][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 309.174952][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 309.191147][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 309.205056][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 309.223629][ T7551] device veth0_macvtap entered promiscuous mode [ 309.244711][ T7551] device veth1_macvtap entered promiscuous mode [ 309.340974][ T7551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 309.367841][ T7551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 309.386833][ T4946] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 309.393896][ T7551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 309.411522][ T4946] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 309.425120][ T7551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 309.442880][ T7551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 309.473195][ T7551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 309.474186][ T4946] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 309.497005][ T7732] syz-executor.4 (pid 7732) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 309.498058][ T7551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 309.530680][ T7551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 309.554821][ T7551] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 309.561408][ T4946] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 309.571012][ T7734] netlink: 10 bytes leftover after parsing attributes in process `syz-executor.0'. [ 309.586225][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 309.602858][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 309.604317][ T4946] usb 2-1: config 0 descriptor?? [ 309.627823][ T26] audit: type=1326 audit(1717805779.430:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7730 comm="syz-executor.4" exe="/root/syz-executor.4" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f01ea47cf69 code=0x0 [ 309.653959][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 309.687797][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 309.719862][ T7551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 309.742079][ T7551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 309.764564][ T7551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 309.788928][ T7551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 309.810568][ T7551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 309.848775][ T7551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 309.876522][ T7551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 309.895287][ T7551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 309.925904][ T7551] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 309.950847][ T3613] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 309.970915][ T3613] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 310.003202][ T7551] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 310.038235][ T7551] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 310.056437][ T7551] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 310.072208][ T3582] Bluetooth: hci1: unexpected cc 0x0402 length: 65 > 1 [ 310.076454][ T7551] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 310.098502][ T4946] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0 [ 310.108976][ T4946] plantronics 0003:047F:FFFF.000A: No inputs registered, leaving [ 310.154544][ T4946] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 310.274430][ T7732] fscrypt: Adiantum using implementation "adiantum(xchacha12-simd,aes-aesni,nhpoly1305-avx2)" [ 310.408332][ T102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 310.429159][ T102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 310.480014][ T4435] usb 2-1: USB disconnect, device number 14 [ 310.503749][ T4742] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 310.536500][ T4479] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 310.544901][ T4479] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 310.603733][ T3613] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 311.050791][ T7785] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 311.173192][ T7785] device bond1 entered promiscuous mode [ 311.197483][ T7789] bond0: (slave bond_slave_0): Releasing backup interface [ 311.277721][ T7789] bond1: (slave bond_slave_0): making interface the new active one [ 311.296513][ T7789] device bond_slave_0 entered promiscuous mode [ 311.305129][ T7789] bond1: (slave bond_slave_0): Enslaving as an active interface with an up link [ 311.866516][ T7] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 311.959317][ T7782] loop3: detected capacity change from 0 to 32768 [ 311.968038][ T7782] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz-executor.3 (7782) [ 311.983085][ T7782] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 311.993806][ T7782] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 312.004034][ T7782] BTRFS info (device loop3): turning on flush-on-commit [ 312.011235][ T7782] BTRFS info (device loop3): turning off barriers [ 312.018089][ T7782] BTRFS info (device loop3): doing ref verification [ 312.026466][ T7782] BTRFS info (device loop3): force clearing of disk cache [ 312.033651][ T7782] BTRFS info (device loop3): enabling disk space caching [ 312.055404][ T7803] loop4: detected capacity change from 0 to 164 [ 312.061901][ T7782] BTRFS info (device loop3): turning on sync discard [ 312.068787][ T7782] BTRFS info (device loop3): using default commit interval 30s [ 312.098407][ T7782] BTRFS info (device loop3): disk space caching is enabled [ 312.108525][ T7] usb 3-1: Using ep0 maxpacket: 16 [ 312.154985][ T7803] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 312.226611][ T7] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 312.237564][ T7] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 312.247367][ T7] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 312.258118][ T7] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 312.346061][ T7782] BTRFS info (device loop3): enabling ssd optimizations [ 312.346740][ T7] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 312.362587][ T7782] BTRFS info (device loop3): rebuilding free space tree [ 312.371535][ T7] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 312.379837][ T7] usb 3-1: Manufacturer: syz [ 312.379878][ T26] audit: type=1326 audit(1717805782.190:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7827 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcae0c7cf69 code=0x0 [ 312.408017][ T7] usb 3-1: config 0 descriptor?? [ 312.487687][ T7782] BTRFS info (device loop3): disabling free space tree [ 312.506639][ T7782] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 312.526429][ T7782] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 312.672218][ T3613] usb 3-1: USB disconnect, device number 14 [ 312.826543][ T4435] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 313.001703][ T7551] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 313.222529][ T4435] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 313.266912][ T4435] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 313.307741][ T4435] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 313.339478][ T4435] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 313.370239][ T4435] usb 2-1: config 0 descriptor?? [ 313.652273][ T7853] serio: Serial port pts0 [ 313.869858][ T7862] netlink: 'syz-executor.4': attribute type 10 has an invalid length. [ 313.875522][ T4435] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 313.883731][ T7862] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. [ 313.892741][ T4435] plantronics 0003:047F:FFFF.000B: No inputs registered, leaving [ 313.916939][ T7862] device ipvlan1 entered promiscuous mode [ 313.925778][ T7862] bridge0: port 3(ipvlan1) entered blocking state [ 313.938646][ T4435] plantronics 0003:047F:FFFF.000B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 313.942232][ T7862] bridge0: port 3(ipvlan1) entered disabled state [ 313.981075][ T7862] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 314.016997][ T7863] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 314.158252][ T3582] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 314.167636][ T3582] Bluetooth: hci1: Injecting HCI hardware error event [ 314.191614][ T3581] Bluetooth: hci1: hardware error 0x00 [ 314.240491][ T26] audit: type=1800 audit(1717805784.040:214): pid=7849 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file1" dev="sda1" ino=1963 res=0 errno=0 [ 314.255837][ T7866] loop4: detected capacity change from 0 to 2048 [ 314.287355][ T7866] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 314.294228][ T4435] usb 2-1: USB disconnect, device number 15 [ 314.379022][ T7873] fuse: Unknown parameter 'roèÌmod¶000000000000000000400' [ 314.444303][ T26] audit: type=1800 audit(1717805784.240:215): pid=7873 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="file1" dev="sda1" ino=1945 res=0 errno=0 [ 315.065874][ T7896] serio: Serial port pts0 [ 315.167275][ T7901] netlink: 'syz-executor.4': attribute type 10 has an invalid length. [ 315.191522][ T7901] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. [ 315.206598][ T3613] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 315.237061][ T7901] bridge0: port 3(ipvlan1) entered blocking state [ 315.259568][ T7901] bridge0: port 3(ipvlan1) entered disabled state [ 315.298323][ T7901] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 315.348685][ T3582] Bluetooth: hci2: unexpected cc 0x0402 length: 65 > 1 [ 315.378432][ T26] audit: type=1800 audit(1717805785.180:216): pid=7904 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="overlay" ino=1963 res=0 errno=0 [ 315.456648][ T3613] usb 2-1: Using ep0 maxpacket: 32 [ 315.560471][ T7915] loop4: detected capacity change from 0 to 1024 [ 315.579531][ T3613] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 36 [ 315.623015][ T7915] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 315.655989][ T7884] loop2: detected capacity change from 0 to 32768 [ 315.675585][ T7884] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (7884) [ 315.709761][ T7884] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 315.720959][ T7884] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 315.732532][ T7884] BTRFS info (device loop2): using free space tree [ 315.760435][ T3613] usb 2-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 315.770670][ T3613] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 315.779146][ T3613] usb 2-1: Product: syz [ 315.783612][ T3613] usb 2-1: Manufacturer: syz [ 315.788795][ T3613] usb 2-1: SerialNumber: syz [ 315.800315][ T3613] usb 2-1: config 0 descriptor?? [ 315.814686][ T3571] EXT4-fs (loop4): unmounting filesystem. [ 315.827368][ T7891] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 315.851561][ T3613] hub 2-1:0.0: bad descriptor, ignoring hub [ 315.861358][ T3613] hub: probe of 2-1:0.0 failed with error -5 [ 315.911564][ T3613] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input17 [ 315.962056][ T7884] BTRFS info (device loop2): enabling ssd optimizations [ 315.977071][ T7884] BTRFS warning (device loop2): can't clear the verity,compat_ro:4 feature bits while mounted [ 316.030238][ T6423] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 316.238889][ T3581] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 316.296262][ T4677] usb 2-1: USB disconnect, device number 16 [ 316.296361][ C0] usbtouchscreen 2-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19 [ 316.332778][ T7954] loop3: detected capacity change from 0 to 512 [ 316.372198][ T7954] EXT4-fs (loop3): orphan cleanup on readonly fs [ 316.391579][ T7954] EXT4-fs error (device loop3): ext4_find_extent:936: inode #4: comm syz-executor.3: pblk 2 bad header/extent: invalid magic - magic 3fff, entries 12, max 508(0), depth 0(0) [ 316.413027][ T7959] serio: Serial port pts0 [ 316.434389][ T7954] Quota error (device loop3): v2_read_header: Failed header read: expected=8 got=-117 [ 316.450513][ T7954] EXT4-fs warning (device loop3): ext4_enable_quotas:7012: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 316.466901][ T7954] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 316.473869][ T7954] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 316.508332][ T7551] EXT4-fs (loop3): unmounting filesystem. [ 316.660085][ T7966] loop4: detected capacity change from 0 to 1024 [ 316.751711][ T4479] hfsplus: b-tree write err: -5, ino 4 [ 316.804094][ T26] audit: type=1326 audit(1717805786.600:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7973 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcae0c7cf69 code=0x0 [ 316.965399][ T26] audit: type=1800 audit(1717805786.760:218): pid=7987 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="file0" dev="sda1" ino=1964 res=0 errno=0 [ 317.010538][ C1] vkms_vblank_simulate: vblank timer overrun [ 317.039238][ T1253] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.039294][ T1253] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.276422][ T152] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 317.357491][ T7999] overlayfs: failed to resolve './file2': -2 [ 318.386842][ T152] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 319.184424][ T152] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 319.197694][ T152] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 319.206854][ T152] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 319.223945][ T152] usb 3-1: config 0 descriptor?? [ 319.436545][ T3581] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 319.445692][ T3581] Bluetooth: hci2: Injecting HCI hardware error event [ 319.460522][ T3582] Bluetooth: hci2: hardware error 0x00 [ 319.720414][ T152] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0 [ 319.753332][ T152] plantronics 0003:047F:FFFF.000C: No inputs registered, leaving [ 319.905099][ T152] plantronics 0003:047F:FFFF.000C: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 320.188105][ T152] usb 3-1: USB disconnect, device number 15 [ 320.586500][ T8017] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 320.644386][ T8017] device bond1 entered promiscuous mode [ 320.662031][ T8018] bond0: (slave bond_slave_0): Releasing backup interface [ 320.870005][ T8018] bond1: (slave bond_slave_0): making interface the new active one [ 320.883473][ T8018] device bond_slave_0 entered promiscuous mode [ 320.910767][ T8018] bond1: (slave bond_slave_0): Enslaving as an active interface with an up link [ 321.055905][ T3581] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 321.069368][ T3581] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 321.078418][ T3581] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 321.091865][ T3581] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 321.102116][ T3581] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 321.109729][ T3581] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 321.245989][ T4479] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 321.459065][ T4479] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 321.553462][ T4479] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 321.681345][ T4479] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 321.779377][ T8037] netlink: 'syz-executor.1': attribute type 10 has an invalid length. [ 321.787753][ T8037] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'. [ 321.803663][ T8037] device ipvlan1 entered promiscuous mode [ 321.823584][ T8037] bridge0: port 3(ipvlan1) entered blocking state [ 321.829397][ T8044] loop4: detected capacity change from 0 to 512 [ 321.830982][ T8037] bridge0: port 3(ipvlan1) entered disabled state [ 321.896835][ T8044] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 321.927314][ T8046] overlayfs: failed to resolve './file2': -2 [ 322.663096][ T8037] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 322.691311][ T8044] EXT4-fs (loop4): 1 truncate cleaned up [ 322.831732][ T8044] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 322.961413][ T3571] EXT4-fs (loop4): unmounting filesystem. [ 323.187120][ T8066] loop4: detected capacity change from 0 to 4096 [ 323.206609][ T3581] Bluetooth: hci2: command tx timeout [ 323.358095][ T8066] ntfs: volume version 3.1. [ 323.590024][ T8022] chnl_net:caif_netlink_parms(): no params data found [ 324.138758][ T8084] overlayfs: failed to resolve './file2': -2 [ 325.195017][ T8093] netlink: 'syz-executor.0': attribute type 10 has an invalid length. [ 325.209478][ T8093] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'. [ 325.228300][ T8093] device ipvlan1 entered promiscuous mode [ 325.255396][ T8093] bridge0: port 3(ipvlan1) entered blocking state [ 325.262823][ T8093] bridge0: port 3(ipvlan1) entered disabled state [ 325.272951][ T8093] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 325.296577][ T3581] Bluetooth: hci2: command tx timeout [ 325.410816][ T8022] bridge0: port 1(bridge_slave_0) entered blocking state [ 325.434279][ T8022] bridge0: port 1(bridge_slave_0) entered disabled state [ 325.482275][ T8022] device bridge_slave_0 entered promiscuous mode [ 325.527501][ T8022] bridge0: port 2(bridge_slave_1) entered blocking state [ 325.538207][ T8022] bridge0: port 2(bridge_slave_1) entered disabled state [ 325.560150][ T8100] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.4'. [ 325.574826][ T8022] device bridge_slave_1 entered promiscuous mode [ 325.740546][ T8022] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 325.785561][ T8022] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 325.976228][ T4479] device hsr_slave_0 left promiscuous mode [ 325.991851][ T4479] device hsr_slave_1 left promiscuous mode [ 326.039233][ T4479] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 326.047693][ T4479] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 326.070543][ T4479] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 326.112048][ T4479] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 326.128553][ T4479] device bridge_slave_1 left promiscuous mode [ 326.156855][ T4479] bridge0: port 2(bridge_slave_1) entered disabled state [ 326.189008][ T4479] device bridge_slave_0 left promiscuous mode [ 326.198795][ T4479] bridge0: port 1(bridge_slave_0) entered disabled state [ 326.248109][ T4479] device veth1_macvtap left promiscuous mode [ 326.254849][ T4479] device veth0_macvtap left promiscuous mode [ 326.263250][ T4479] device veth1_vlan left promiscuous mode [ 326.270091][ T4479] device veth0_vlan left promiscuous mode [ 326.833773][ T4479] bond1 (unregistering): Released all slaves [ 326.841353][ T8127] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.4'. [ 326.968080][ T8133] loop4: detected capacity change from 0 to 512 [ 327.025815][ T8133] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 327.035376][ T8133] ext4 filesystem being mounted at /root/syzkaller-testdir2784063830/syzkaller.H9CEXA/315/bus supports timestamps until 2038 (0x7fffffff) [ 327.089433][ T4479] team0 (unregistering): Port device team_slave_1 removed [ 327.108333][ T4479] team0 (unregistering): Port device team_slave_0 removed [ 327.136754][ T4479] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 327.215564][ T4479] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 327.358485][ T3581] Bluetooth: hci2: command tx timeout [ 328.097774][ T4479] bond0 (unregistering): Released all slaves [ 328.163604][ T3571] EXT4-fs (loop4): unmounting filesystem. [ 328.230995][ T8022] team0: Port device team_slave_0 added [ 328.284215][ T8022] team0: Port device team_slave_1 added [ 328.408223][ T8022] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 328.433720][ T8022] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 328.475271][ T8022] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 328.503902][ T8022] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 328.511220][ T8022] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 329.711022][ T3581] Bluetooth: hci2: command tx timeout [ 329.876516][ T4946] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 329.890395][ T8022] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 330.040818][ T8022] device hsr_slave_0 entered promiscuous mode [ 330.053229][ T8022] device hsr_slave_1 entered promiscuous mode [ 330.083117][ T8022] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 330.091365][ T8022] Cannot create hsr debugfs directory [ 330.116479][ T4946] usb 3-1: Using ep0 maxpacket: 32 [ 330.316631][ T8165] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.0'. [ 330.446806][ T4946] usb 3-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=99.d3 [ 330.455906][ T4946] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 330.515447][ T4946] usb 3-1: Product: syz [ 330.519958][ T4946] usb 3-1: Manufacturer: syz [ 330.524686][ T4946] usb 3-1: SerialNumber: syz [ 330.562650][ T4946] usb 3-1: config 0 descriptor?? [ 330.576932][ T8171] loop1: detected capacity change from 0 to 512 [ 330.640003][ T4946] radio-si470x 3-1:0.0: could not find interrupt in endpoint [ 330.651381][ T4946] radio-si470x: probe of 3-1:0.0 failed with error -5 [ 330.653294][ T8171] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 330.784068][ T8171] ext4 filesystem being mounted at /root/syzkaller-testdir4288716594/syzkaller.eGJcwq/27/bus supports timestamps until 2038 (0x7fffffff) [ 330.830911][ T8176] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 330.846537][ T4946] radio-raremono 3-1:0.0: Thanko's Raremono connected: (10C4:818A) [ 331.119449][ T4946] radio-raremono 3-1:0.0: raremono_cmd_main failed (-71) [ 331.144873][ T4946] radio-raremono 3-1:0.0: V4L2 device registered as radio32 [ 331.171802][ T4946] usb 3-1: USB disconnect, device number 16 [ 331.180496][ T4946] radio-raremono 3-1:0.0: Thanko's Raremono disconnected [ 331.885036][ T7500] EXT4-fs (loop1): unmounting filesystem. [ 332.018552][ T8022] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 333.340372][ T8022] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 333.393581][ T8022] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 333.451570][ T8022] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 333.869911][ T8022] 8021q: adding VLAN 0 to HW filter on device bond0 [ 333.936953][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 334.006098][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 334.038124][ T8022] 8021q: adding VLAN 0 to HW filter on device team0 [ 334.151345][ T3565] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 334.174391][ T8197] can0: slcan on pty23. [ 334.179213][ T3565] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 334.213720][ T3565] bridge0: port 1(bridge_slave_0) entered blocking state [ 334.220984][ T3565] bridge0: port 1(bridge_slave_0) entered forwarding state [ 334.272876][ T3565] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 334.297423][ T3565] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 334.328026][ T3565] bridge0: port 2(bridge_slave_1) entered blocking state [ 334.335189][ T3565] bridge0: port 2(bridge_slave_1) entered forwarding state [ 334.404853][ T4677] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 334.415672][ T4677] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 334.472191][ T4677] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 334.516938][ T4677] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 334.556229][ T4677] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 334.576592][ T8201] 9pnet_fd: Insufficient options for proto=fd [ 334.608522][ T4680] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 334.617812][ T4680] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 334.644782][ T4680] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 334.668979][ T4680] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 334.691095][ T4680] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 334.712006][ T4680] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 334.732493][ T4680] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 334.752859][ T8022] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 335.251709][ T8214] overlayfs: missing 'lowerdir' [ 335.407144][ T8211] loop4: detected capacity change from 0 to 512 [ 336.052807][ T8211] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 336.090003][ T8211] ext4 filesystem being mounted at /root/syzkaller-testdir2784063830/syzkaller.H9CEXA/318/bus supports timestamps until 2038 (0x7fffffff) [ 336.330271][ T8198] loop1: detected capacity change from 0 to 32768 [ 336.386511][ T8198] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop1 scanned by syz-executor.1 (8198) [ 336.965860][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 336.980472][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 337.024910][ T8022] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 337.143544][ T8198] BTRFS error (device loop1): open_ctree failed [ 337.162497][ T3571] EXT4-fs (loop4): unmounting filesystem. [ 337.208790][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 337.224069][ T8229] loop2: detected capacity change from 0 to 4096 [ 337.237422][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 337.278484][ T4946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 337.294685][ T4946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 337.372222][ T8022] device veth0_vlan entered promiscuous mode [ 337.387680][ T8198] can0 (unregistered): slcan off pty23. [ 337.395375][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 337.424681][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 337.440578][ T8022] device veth1_vlan entered promiscuous mode [ 337.582166][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 337.592809][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 337.619014][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 337.638824][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 337.654360][ T8022] device veth0_macvtap entered promiscuous mode [ 337.695735][ T8022] device veth1_macvtap entered promiscuous mode [ 337.771752][ T8022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 337.811388][ T8022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.909417][ T8022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 337.975511][ T8022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 338.070364][ T8022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 338.616663][ T8022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 338.642151][ T8022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 338.660471][ T8022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 338.713467][ T8251] overlayfs: missing 'lowerdir' [ 338.794988][ T8022] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 338.807345][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 338.819654][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 338.867086][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 338.984315][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 339.003892][ T8022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 339.043823][ T8022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 339.079155][ T8022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 339.100352][ T8022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 339.125253][ T8022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 339.188718][ T8022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 339.205503][ T8022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 339.218258][ T8022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 339.254264][ T8257] loop2: detected capacity change from 0 to 512 [ 339.254415][ T8022] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 339.275821][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 339.303053][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 339.323853][ T8022] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 339.340740][ T8257] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 339.383371][ T8022] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 339.415534][ T8257] ext4 filesystem being mounted at /root/syzkaller-testdir2822852477/syzkaller.ZqIFut/97/bus supports timestamps until 2038 (0x7fffffff) [ 339.419474][ T8022] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 339.438632][ T8022] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 340.609774][ T6423] EXT4-fs (loop2): unmounting filesystem. [ 340.652552][ T3761] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 340.683224][ T3761] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 340.804604][ T8244] loop4: detected capacity change from 0 to 32768 [ 340.836528][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 340.861589][ T1106] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 340.978298][ T1106] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 341.075266][ T3565] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 341.246771][ T26] audit: type=1326 audit(1717805811.050:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8276 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f240f67cf69 code=0x0 [ 341.502933][ T26] audit: type=1326 audit(1717805811.300:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8276 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f240f67cf69 code=0x0 [ 341.692738][ T26] audit: type=1326 audit(1717805811.490:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8276 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f240f67cf69 code=0x7ffc0000 [ 341.747877][ T8284] loop4: detected capacity change from 0 to 2048 [ 341.752774][ T26] audit: type=1326 audit(1717805811.490:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8276 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f240f67cf69 code=0x7ffc0000 [ 341.784444][ T26] audit: type=1326 audit(1717805811.530:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8276 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f240f67cf69 code=0x7ffc0000 [ 342.485570][ T26] audit: type=1326 audit(1717805811.530:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8276 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f240f67cf69 code=0x7ffc0000 [ 342.550911][ T26] audit: type=1326 audit(1717805811.530:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8276 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f240f67cf69 code=0x7ffc0000 [ 342.645927][ T8284] loop4: p1 < > p4 [ 342.698096][ T26] audit: type=1326 audit(1717805811.530:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8276 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f240f67cf69 code=0x7ffc0000 [ 342.722051][ T8284] loop4: p4 size 8388608 extends beyond EOD, truncated [ 342.745569][ T26] audit: type=1326 audit(1717805811.530:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8276 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f240f67cf69 code=0x7ffc0000 [ 342.795163][ T26] audit: type=1326 audit(1717805811.530:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8276 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f240f67cf69 code=0x7ffc0000 [ 342.846431][ T3649] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 343.106618][ T3649] usb 2-1: Using ep0 maxpacket: 16 [ 343.356801][ T4742] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 343.405430][ T8299] loop3: detected capacity change from 0 to 32768 [ 343.414183][ T8299] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop3 scanned by syz-executor.3 (8299) [ 343.427607][ T3649] usb 2-1: New USB device found, idVendor=14aa, idProduct=022b, bcdDevice=8e.53 [ 343.438726][ T3649] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 343.449429][ T3649] usb 2-1: Product: syz [ 343.453884][ T3649] usb 2-1: Manufacturer: syz [ 343.459328][ T3649] usb 2-1: SerialNumber: syz [ 343.470246][ T3649] usb 2-1: config 0 descriptor?? [ 343.476449][ T8299] BTRFS info (device loop3): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 343.503071][ T8299] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm [ 343.528402][ T3649] dvb-usb: found a 'WideView WT-220U PenType Receiver (based on ZL353)' in warm state. [ 343.536620][ T8299] BTRFS info (device loop3): using free space tree [ 343.548449][ T3649] dvb-usb: bulk message failed: -22 (2/0) [ 343.560940][ T3649] dvb-usb: will use the device's hardware PID filter (table count: 15). [ 343.588998][ T3649] dvbdev: DVB: registering new adapter (WideView WT-220U PenType Receiver (based on ZL353)) [ 343.605518][ T3649] usb 2-1: media controller created [ 343.612604][ T3649] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 343.644155][ T3649] usb 2-1: DVB: registering adapter 1 frontend 0 (WideView USB DVB-T)... [ 343.657314][ T4742] usb 3-1: Using ep0 maxpacket: 16 [ 343.662955][ T3649] dvbdev: dvb_create_media_entity: media entity 'WideView USB DVB-T' registered. [ 343.688453][ T8332] cgroup: name respecified [ 343.763995][ T8299] BTRFS info (device loop3): enabling ssd optimizations [ 343.806945][ T4742] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 343.824718][ T4742] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 343.924800][ T3649] rc_core: IR keymap rc-dtt200u not found [ 344.835704][ T3649] Registered IR keymap rc-empty [ 344.842420][ T3649] rc rc0: WideView WT-220U PenType Receiver (based on ZL353) as /devices/platform/dummy_hcd.1/usb2/2-1/rc/rc0 [ 344.855707][ T3649] input: WideView WT-220U PenType Receiver (based on ZL353) as /devices/platform/dummy_hcd.1/usb2/2-1/rc/rc0/input18 [ 344.911310][ T3649] dvb-usb: schedule remote query interval to 300 msecs. [ 344.978058][ T3649] dvb-usb: WideView WT-220U PenType Receiver (based on ZL353) successfully initialized and connected. [ 345.046625][ T4742] usb 3-1: New USB device found, idVendor=14aa, idProduct=022b, bcdDevice=8e.53 [ 345.055708][ T4742] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 345.069109][ T3649] usb 2-1: USB disconnect, device number 17 [ 345.096409][ T4742] usb 3-1: Product: syz [ 345.100626][ T4742] usb 3-1: Manufacturer: syz [ 345.105215][ T4742] usb 3-1: SerialNumber: syz [ 345.118264][ T8352] dlm: no local IP address has been set [ 345.119097][ T4742] usb 3-1: config 0 descriptor?? [ 345.133711][ T8352] dlm: cannot start dlm midcomms -107 [ 345.152729][ T8022] BTRFS info (device loop3): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 345.179444][ T4742] dvb-usb: found a 'WideView WT-220U PenType Receiver (based on ZL353)' in warm state. [ 345.228315][ T4742] dvb-usb: bulk message failed: -22 (2/0) [ 345.243463][ T4742] dvb-usb: will use the device's hardware PID filter (table count: 15). [ 345.262437][ T3649] dvb-usb: WideView WT-220U PenType Receiver (base successfully deinitialized and disconnected. [ 345.301261][ T4742] dvbdev: DVB: registering new adapter (WideView WT-220U PenType Receiver (based on ZL353)) [ 345.324697][ T4742] usb 3-1: media controller created [ 345.342943][ T4742] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 345.372804][ T4742] usb 3-1: DVB: registering adapter 1 frontend 0 (WideView USB DVB-T)... [ 345.436683][ T4742] dvbdev: dvb_create_media_entity: media entity 'WideView USB DVB-T' registered. [ 345.786337][ T4742] rc_core: IR keymap rc-dtt200u not found [ 345.793394][ T4742] Registered IR keymap rc-empty [ 345.810389][ T4742] rc rc0: WideView WT-220U PenType Receiver (based on ZL353) as /devices/platform/dummy_hcd.2/usb3/3-1/rc/rc0 [ 345.840775][ T4742] input: WideView WT-220U PenType Receiver (based on ZL353) as /devices/platform/dummy_hcd.2/usb3/3-1/rc/rc0/input19 [ 345.876891][ T4742] dvb-usb: schedule remote query interval to 300 msecs. [ 345.899961][ T4742] dvb-usb: WideView WT-220U PenType Receiver (based on ZL353) successfully initialized and connected. [ 345.935933][ T4742] usb 3-1: USB disconnect, device number 17 [ 345.976660][ T4742] dvb-usb: WideView WT-220U PenType Receiver (base successfully deinitialized and disconnected. [ 346.214272][ T8372] loop3: detected capacity change from 0 to 512 [ 346.255584][ T8372] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000079f) [ 346.276328][ T8372] FAT-fs (loop3): Filesystem has been set read-only [ 346.288799][ T8372] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000079f) [ 346.446484][ T4742] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 346.696743][ T4742] usb 3-1: Using ep0 maxpacket: 16 [ 346.897133][ T4742] usb 3-1: unable to get BOS descriptor or descriptor too short [ 346.986456][ T4742] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 347.016492][ T4742] usb 3-1: config 1 interface 0 has no altsetting 0 [ 347.206462][ T4742] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 347.215545][ T4742] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 347.236347][ T4742] usb 3-1: Product: syz [ 347.240558][ T4742] usb 3-1: Manufacturer: syz [ 347.245154][ T4742] usb 3-1: SerialNumber: syz [ 347.567863][ T4742] usb 3-1: bad CDC descriptors [ 347.575755][ T4742] usb 3-1: USB disconnect, device number 18 [ 349.866422][ T4676] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 350.116425][ T4676] usb 3-1: Using ep0 maxpacket: 16 [ 350.406717][ T4676] usb 3-1: New USB device found, idVendor=14aa, idProduct=022b, bcdDevice=8e.53 [ 350.420341][ T4676] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 350.436497][ T4676] usb 3-1: Product: syz [ 350.443975][ T4676] usb 3-1: Manufacturer: syz [ 350.451022][ T4676] usb 3-1: SerialNumber: syz [ 350.461263][ T4676] usb 3-1: config 0 descriptor?? [ 350.510704][ T4676] dvb-usb: found a 'WideView WT-220U PenType Receiver (based on ZL353)' in warm state. [ 350.523975][ T4676] dvb-usb: bulk message failed: -22 (2/0) [ 350.532125][ T4676] dvb-usb: will use the device's hardware PID filter (table count: 15). [ 350.558072][ T4676] dvbdev: DVB: registering new adapter (WideView WT-220U PenType Receiver (based on ZL353)) [ 350.573433][ T4676] usb 3-1: media controller created [ 350.583228][ T4676] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 350.600267][ T4676] usb 3-1: DVB: registering adapter 1 frontend 0 (WideView USB DVB-T)... [ 350.614249][ T4676] dvbdev: dvb_create_media_entity: media entity 'WideView USB DVB-T' registered. [ 350.776447][ T4676] rc_core: IR keymap rc-dtt200u not found [ 350.782344][ T4676] Registered IR keymap rc-empty [ 350.793791][ T4676] rc rc0: WideView WT-220U PenType Receiver (based on ZL353) as /devices/platform/dummy_hcd.2/usb3/3-1/rc/rc0 [ 350.815285][ T4676] input: WideView WT-220U PenType Receiver (based on ZL353) as /devices/platform/dummy_hcd.2/usb3/3-1/rc/rc0/input20 [ 350.834530][ T4676] dvb-usb: schedule remote query interval to 300 msecs. [ 350.841743][ T4676] dvb-usb: WideView WT-220U PenType Receiver (based on ZL353) successfully initialized and connected. [ 350.860031][ T4676] usb 3-1: USB disconnect, device number 19 [ 350.882605][ T4676] dvb-usb: WideView WT-220U PenType Receiver (base successfully deinitialized and disconnected. [ 351.648894][ T8390] loop2: detected capacity change from 0 to 32768 [ 351.663058][ T8390] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (8390) [ 351.680992][ T8390] BTRFS info (device loop2): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 351.699113][ T8390] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 351.714025][ T8390] BTRFS info (device loop2): using free space tree [ 351.753994][ T8390] BTRFS info (device loop2): enabling ssd optimizations [ 351.779215][ T26] kauditd_printk_skb: 4 callbacks suppressed [ 351.779232][ T26] audit: type=1800 audit(1717805821.580:233): pid=8390 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file1" dev="loop2" ino=260 res=0 errno=0 [ 351.844520][ T26] audit: type=1804 audit(1717805821.620:234): pid=8390 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2822852477/syzkaller.ZqIFut/108/file0/file1" dev="loop2" ino=260 res=1 errno=0 [ 351.876345][ T26] audit: type=1804 audit(1717805821.670:235): pid=8390 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2822852477/syzkaller.ZqIFut/108/file0/file1" dev="loop2" ino=260 res=1 errno=0 [ 351.939758][ T6423] BTRFS info (device loop2): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 352.782003][ T8422] loop2: detected capacity change from 0 to 128 [ 354.106506][ T3613] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 354.346430][ T3613] usb 3-1: Using ep0 maxpacket: 32 [ 354.466543][ T3613] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 354.484561][ T3613] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 354.494484][ T3613] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 354.514472][ T3613] usb 3-1: New USB device found, idVendor=05ac, idProduct=024f, bcdDevice= 0.00 [ 354.523664][ T3613] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 354.539307][ T3613] usb 3-1: config 0 descriptor?? [ 355.018447][ T3613] apple 0003:05AC:024F.000D: unknown main item tag 0x0 [ 355.025414][ T3613] apple 0003:05AC:024F.000D: unknown main item tag 0x0 [ 355.038309][ T3613] apple 0003:05AC:024F.000D: unknown main item tag 0x0 [ 355.045305][ T3613] apple 0003:05AC:024F.000D: unknown main item tag 0x0 [ 355.055763][ T3613] apple 0003:05AC:024F.000D: unknown main item tag 0x0 [ 355.075011][ T3613] apple 0003:05AC:024F.000D: failed to start in urb: -90 [ 355.090361][ T3613] apple 0003:05AC:024F.000D: hidraw0: USB HID v0.00 Device [HID 05ac:024f] on usb-dummy_hcd.2-1/input0 [ 355.237039][ T3613] usb 3-1: USB disconnect, device number 20 [ 360.086376][ T3582] Bluetooth: hci4: command 0x0406 tx timeout [ 374.293729][ T3581] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 374.306173][ T3581] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 374.316288][ T3581] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 374.324481][ T3581] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 374.336902][ T3581] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 374.344185][ T3581] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 375.523673][ T3582] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 375.535510][ T3582] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 375.544366][ T3582] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 375.554782][ T3582] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 375.562430][ T3582] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 375.571635][ T3582] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 376.029121][ T3581] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 376.040387][ T3581] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 376.049189][ T3581] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 376.065665][ T48] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 376.075010][ T48] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 376.088291][ T48] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 376.396743][ T48] Bluetooth: hci5: command tx timeout [ 376.889356][ T3582] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 376.901035][ T3582] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 376.909915][ T3582] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 376.917862][ T3582] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 376.929999][ T3582] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 376.939247][ T3582] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 377.676451][ T3582] Bluetooth: hci6: command tx timeout [ 378.156496][ T3582] Bluetooth: hci7: command tx timeout [ 378.477875][ T3582] Bluetooth: hci5: command tx timeout [ 378.481152][ T1253] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.489852][ T1253] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.956574][ T48] Bluetooth: hci8: command tx timeout [ 379.757965][ T48] Bluetooth: hci6: command tx timeout [ 380.236420][ T48] Bluetooth: hci7: command tx timeout [ 380.556395][ T48] Bluetooth: hci5: command tx timeout [ 381.039230][ T48] Bluetooth: hci8: command tx timeout [ 381.836674][ T48] Bluetooth: hci6: command tx timeout [ 382.321181][ T48] Bluetooth: hci7: command tx timeout [ 382.636498][ T48] Bluetooth: hci5: command tx timeout [ 383.116359][ T48] Bluetooth: hci8: command tx timeout [ 383.926361][ T48] Bluetooth: hci6: command tx timeout [ 384.396359][ T48] Bluetooth: hci7: command tx timeout [ 384.439741][ T48] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 384.451911][ T48] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 384.461993][ T48] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 384.483620][ T48] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 384.492492][ T48] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 384.500993][ T48] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 385.196388][ T3582] Bluetooth: hci8: command tx timeout [ 386.556553][ T3582] Bluetooth: hci9: command tx timeout [ 388.636335][ T3582] Bluetooth: hci9: command tx timeout [ 390.716477][ T3582] Bluetooth: hci9: command tx timeout [ 392.796409][ T3582] Bluetooth: hci9: command tx timeout [ 411.276467][ T3582] Bluetooth: hci3: command 0x0406 tx timeout [ 439.358570][ T48] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 439.369538][ T48] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 439.381894][ T48] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 439.396041][ T48] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 439.405302][ T48] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 439.413060][ T48] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 439.926576][ T1253] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.932907][ T1253] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.575204][ T3582] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 440.591626][ T3582] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 440.601159][ T3582] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 440.609425][ T3582] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 440.617949][ T3582] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 440.627051][ T3582] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 441.163943][ T3582] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 441.180138][ T3582] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 441.191984][ T3582] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 441.202674][ T3582] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 441.210363][ T3582] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 441.217735][ T3582] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 441.516390][ T48] Bluetooth: hci10: command tx timeout [ 441.930100][ T3582] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 441.942504][ T3582] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 441.953289][ T3582] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 441.965690][ T3582] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 441.974768][ T3582] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 441.982284][ T3582] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 442.716443][ T3582] Bluetooth: hci11: command tx timeout [ 443.276539][ T3582] Bluetooth: hci12: command tx timeout [ 443.596324][ T3582] Bluetooth: hci10: command tx timeout [ 443.996673][ T3582] Bluetooth: hci13: command tx timeout [ 444.796319][ T3582] Bluetooth: hci11: command tx timeout [ 445.356310][ T48] Bluetooth: hci12: command tx timeout [ 445.678479][ T48] Bluetooth: hci10: command tx timeout [ 446.076490][ T48] Bluetooth: hci13: command tx timeout [ 446.876438][ T48] Bluetooth: hci11: command tx timeout [ 447.116501][ T3582] Bluetooth: hci2: command 0x0406 tx timeout [ 447.436673][ T3582] Bluetooth: hci12: command tx timeout [ 447.756393][ T3582] Bluetooth: hci10: command tx timeout [ 448.156421][ T3582] Bluetooth: hci13: command tx timeout [ 448.956353][ T3582] Bluetooth: hci11: command tx timeout [ 449.223971][ T48] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 449.235526][ T48] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 449.247461][ T48] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 449.255497][ T48] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 449.263519][ T48] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3 [ 449.270956][ T48] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 449.516783][ T48] Bluetooth: hci12: command tx timeout [ 450.246404][ T3582] Bluetooth: hci13: command tx timeout [ 451.365063][ T3582] Bluetooth: hci14: command tx timeout [ 453.445019][ T3582] Bluetooth: hci14: command tx timeout [ 455.534993][ T3582] Bluetooth: hci14: command tx timeout [ 457.605137][ T3582] Bluetooth: hci14: command tx timeout [ 493.676422][ T28] INFO: task syz-executor.1:8355 blocked for more than 143 seconds. [ 493.684566][ T28] Not tainted 6.1.92-syzkaller #0 [ 493.696021][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 493.704767][ T28] task:syz-executor.1 state:D stack:29096 pid:8355 ppid:7500 flags:0x00004006 [ 493.719763][ T28] Call Trace: [ 493.723099][ T28] 2024/06/08 00:19:23 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 493.726071][ T28] __schedule+0x142d/0x4550 [ 493.761586][ T28] ? __mutex_lock+0x6b4/0xd80 [ 493.772546][ T28] ? __sched_text_start+0x8/0x8 [ 493.777661][ T28] ? __mutex_trylock_common+0x8d/0x2e0 [ 493.783203][ T28] ? do_raw_spin_unlock+0x137/0x8a0 [ 493.831913][ T28] schedule+0xbf/0x180 [ 493.836091][ T28] schedule_preempt_disabled+0xf/0x20 [ 493.844645][ T28] __mutex_lock+0x6b9/0xd80 [ 493.863882][ T28] ? __mutex_lock+0x53c/0xd80 [ 493.874315][ T28] ? do_ip_setsockopt+0x51d/0x3bb0 [ 493.879675][ T28] ? mutex_lock_nested+0x10/0x10 [ 493.884657][ T28] do_ip_setsockopt+0x51d/0x3bb0 [ 493.916804][ T28] ? ip_sock_set_pktinfo+0x60/0x60 [ 493.922013][ T28] ? aa_sk_perm+0x92d/0xa60 [ 493.955027][ T28] ? aa_af_perm+0x350/0x350 [ 493.959655][ T28] ? __fget_files+0x435/0x4a0 [ 493.972484][ T28] ? aa_sock_opt_perm+0x79/0x110 [ 493.977547][ T28] ip_setsockopt+0x5b/0x100 [ 493.982091][ T28] ? sock_common_recvmsg+0x240/0x240 [ 493.993212][ T28] __sys_setsockopt+0x57e/0xa00 [ 494.003075][ T28] ? __ia32_sys_recv+0xb0/0xb0 [ 494.013975][ T28] ? syscall_enter_from_user_mode+0x2e/0x230 [ 494.020083][ T28] __x64_sys_setsockopt+0xb1/0xc0 [ 494.025154][ T28] do_syscall_64+0x3b/0xb0 [ 494.035356][ T28] ? clear_bhb_loop+0x45/0xa0 [ 494.040208][ T28] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 494.046132][ T28] RIP: 0033:0x7fc69bc7cf69 [ 494.076032][ T28] RSP: 002b:00007fc69c99d0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 494.101943][ T28] RAX: ffffffffffffffda RBX: 00007fc69bdb4050 RCX: 00007fc69bc7cf69 [ 494.116251][ T28] RDX: 000000000000002d RSI: 0000000000000000 RDI: 0000000000000003 [ 494.124276][ T28] RBP: 00007fc69bcda6fe R08: 0000000000000000 R09: 0000000000000000 [ 494.161332][ T28] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 494.186314][ T28] R13: 000000000000006e R14: 00007fc69bdb4050 R15: 00007ffc194fae58 [ 494.194378][ T28] [ 494.206366][ T28] INFO: task syz-executor.4:8362 blocked for more than 143 seconds. [ 494.214393][ T28] Not tainted 6.1.92-syzkaller #0 [ 494.236245][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 494.245237][ T28] task:syz-executor.4 state:D stack:27256 pid:8362 ppid:3571 flags:0x00004006 [ 494.302012][ T28] Call Trace: [ 494.305374][ T28] [ 494.308413][ T28] __schedule+0x142d/0x4550 [ 494.312979][ T28] ? __mutex_lock+0x6b4/0xd80 [ 494.343052][ T28] ? __sched_text_start+0x8/0x8 [ 494.348061][ T28] ? __mutex_trylock_common+0x8d/0x2e0 [ 494.353562][ T28] ? do_raw_spin_unlock+0x137/0x8a0 [ 494.375310][ T28] schedule+0xbf/0x180 [ 494.402265][ T28] schedule_preempt_disabled+0xf/0x20 [ 494.407781][ T28] __mutex_lock+0x6b9/0xd80 [ 494.412403][ T28] ? __mutex_lock+0x53c/0xd80 [ 494.436252][ T28] ? __netlink_dump_start+0x12e/0x6e0 [ 494.441710][ T28] ? mutex_lock_nested+0x10/0x10 [ 494.456262][ T28] ? netlink_lookup+0x31/0x200 [ 494.461109][ T28] __netlink_dump_start+0x12e/0x6e0 [ 494.476512][ T28] rtnetlink_rcv_msg+0xd4c/0xff0 [ 494.482275][ T28] ? rtnetlink_rcv_msg+0x1f9/0xff0 [ 494.496269][ T28] ? rtnl_dellink+0x880/0x880 [ 494.501020][ T28] ? rtnetlink_bind+0x80/0x80 [ 494.505721][ T28] ? __local_bh_enable_ip+0x164/0x1f0 [